www.heinz.com Open in urlscan Pro
34.111.11.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://khparis2024.ca/
Effective URL:
https://www.heinz.com/en-CA
Submission: On May 24 via api (May 24th 2024, 10:17:34 am UTC) from US — Scanned from CA

Summary HTTP 72 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 72 HTTP transactions. The main IP is 34.111.11.8, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.heinz.com. The Cisco Umbrella rank of the primary domain is 182136.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 25th 2023. Valid for: a year.

This is the only time www.heinz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.49.92.71 34.49.92.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 26	34.111.11.8 34.111.11.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6810:291c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2600:1408:c40... 2600:1408:c400:385::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:166b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	173.223.163.199 173.223.163.199	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.46.156.157 23.46.156.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:400d:c03::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::68	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::604	54113 (FASTLY) (FASTLY)
5	173.223.163.202 173.223.163.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
72	14

1 34.49.92.71 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.92.49.34.bc.googleusercontent.com

khparis2024.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 34.111.11.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.11.111.34.bc.googleusercontent.com

www.heinz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:291c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504005838045184.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1408:c400:385::523 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:166b (United States)

ASN13335 (CLOUDFLARENET, US)

experience.ninetailed.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.163.199 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-199.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.46.156.157 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-157.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::604 (United States)

ASN54113 (FASTLY, US)

cdn.allotta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.223.163.202 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-202.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	heinz.com 1 redirects www.heinz.com — Cisco Umbrella Rank: 182136	2 MB
14	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5661 geolocation.onetrust.com — Cisco Umbrella Rank: 533	234 KB
11	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2449	733 KB
6	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 4011	4 KB
6	fonts.net cdn.fonts.net — Cisco Umbrella Rank: 16142	160 KB
3	ttwstatic.com sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7390	22 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	allotta.io cdn.allotta.io — Cisco Umbrella Rank: 174451	872 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	89 KB
1	ninetailed.co experience.ninetailed.co — Cisco Umbrella Rank: 51379	2 KB
1	gstatic.com www.gstatic.com	207 KB
1	sentry.io o4504005838045184.ingest.sentry.io — Cisco Umbrella Rank: 101238 Failed	67 B
1	khparis2024.ca 1 redirects khparis2024.ca	134 B
72	13

	Domain	Requested by
26	www.heinz.com	1 redirects www.heinz.com
13	cdn-ukwest.onetrust.com	www.heinz.com cdn-ukwest.onetrust.com
11	res.cloudinary.com	www.heinz.com
6	www.tiktok.com	1 redirects sf16-website-login.neutral.ttwstatic.com
6	cdn.fonts.net	www.heinz.com cdn.fonts.net
3	sf16-website-login.neutral.ttwstatic.com	www.heinz.com www.tiktok.com
2	www.google.com	www.heinz.com www.gstatic.com
1	cdn.allotta.io	www.heinz.com
1	www.googletagmanager.com	www.heinz.com
1	experience.ninetailed.co	www.heinz.com
1	geolocation.onetrust.com	www.heinz.com
1	www.gstatic.com	www.google.com
1	o4504005838045184.ingest.sentry.io	www.heinz.com
1	khparis2024.ca	1 redirects
72	14

This site contains links to these domains. Also see Links.

Domain
www.tiktok.com
www.instagram.com
www.youtube.com
www.facebook.com
www.kraftcanada.ca
www.myfoodandfamily.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.heinz.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-25` - `2024-09-24`	a year	crt.sh
fonts.net GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
onetrust.com E1	`2024-05-16` - `2024-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
ninetailed.co E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn.allotta.io GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.www.tiktok.com RapidSSL ECC CA 2018	`2023-11-09` - `2024-12-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.heinz.com/en-CA
Frame ID: A95C90436904E864F3C4A8220FF2FAC8
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&co=aHR0cHM6Ly93d3cuaGVpbnouY29tOjQ0Mw..&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=1jc6mbmi4648
Frame ID: B73FEDB31E47EFECAE032759ADDD7B8A
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7064265650105224454?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: 0A798B263EAFF223D8DD4380C9E02625
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7138492977277717765?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: 54CC2CBFF92F07748EFACCE290345671
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7121772773936008453?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: FEBF734F254987C55EC549CA806C1585
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7116930278274223365?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: 867A8FB0443CE3AD629EDA417239369C
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7029744641691962630?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: F0D751EF7E1901C82FCD31B5D7C06A3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heinz Official Site - Heinz® Canada | Heinz

Page URL History Show full URLs

https://khparis2024.ca/ HTTP 301
https://www.heinz.com/ HTTP 307
https://www.heinz.com/en-CA Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

72
Requests

97 %
HTTPS

60 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

3880 kB
Transfer

10412 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tiktok.com/@heinz_ca

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heinz_ca/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCohNgWhRN9XWRxCJ0BbaQ8Q

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeinzCA/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heinz_ca/video/7116930278274223365?is_copy_url=1&is_from_webapp=v1&lang=en
Title: .rsme-spinner { border: 3px solid rgba(0,0,0,0.75); border-right-color: transparent; border-radius: 50%; animation: rsme-spin 1s linear infinite; } @keyframes rsme-spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } View post on TikTok

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heinz_ca/video/7029744641691962630?is_copy_url=1&is_from_webapp=v1&lang=en
Title: .rsme-spinner { border: 3px solid rgba(0,0,0,0.75); border-right-color: transparent; border-radius: 50%; animation: rsme-spin 1s linear infinite; } @keyframes rsme-spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } View post on TikTok

Search URL Search Domain Scan URL

URL: https://www.kraftcanada.ca/contact_us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.myfoodandfamily.com/privacynotice
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://khparis2024.ca/ HTTP 301
https://www.heinz.com/ HTTP 307
https://www.heinz.com/en-CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.tiktok.com/embed.js HTTP 302
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en-CA Show response
www.heinz.com/
Redirect Chain

https://khparis2024.ca/
https://www.heinz.com/
https://www.heinz.com/en-CA

712 KB
59 KB

1151ms
1151ms

Document
text/html

34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

Google Frontend / Next.js

Resource Hash

f83a3b6fd7fd59c67734e86cef175cd3df600c9d8844941f48d62ec62ab15f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=300
content-encoding: gzip
content-language: en
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:26 GMT
etag: "h8qb288yzyfmlc"
server: Google Frontend
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
via: 1.1 google
x-cache-hit: miss
x-powered-by: Next.js

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language: en
content-length: 6
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html
date: Fri, 24 May 2024 10:17:25 GMT
location: /en-CA
server: Google Frontend
strict-transport-security: max-age=31536000; preload
via: 1.1 google
x-cache-hit: miss
x-cloud-trace-context: 0caade8a336d84d8c0f41cfa9eee4cdc

GET
H2 200 335655b0-0dd3-11ed-9831-02c6998740a0.css
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/ 3 KB
1 KB 560ms
195ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/en-CA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2667e888219b42f87e7546d948de2f36c942fbedd4ca96ae5c52ddd51565d50d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: D3STSSVAP2ZTZTPM
age: 6729
x-amz-server-side-encryption: AES256
x-amz-id-2: TaWIIkjYuii67shvkYBwXmaMmi0rKQbyvdxcD0l+AH7AKLYaGTVZmOtOkCtoXtFZXX3GFPLH89AliXN7yJOrfA==
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: W/"b74d633881cc782b956dc22fa707fa02"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 888c8939ecf639cf-YYZ
expires: Fri, 24 May 2024 10:22:27 GMT

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 538ms
161ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:27 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 70565
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:27 GMT
server: cloudflare
etag: 0x8DC744C2B5CAB65
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d06f667-f01e-0011-20d5-a6cd47000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8939f9d036c7-YYZ
expires: Sat, 25 May 2024 10:17:27 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 561ms
140ms Script
text/javascript 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a14daf0e8fc4d267857209122973a1315ef55e5a63b7c37f4de4bc13440d94ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 24 May 2024 10:17:27 GMT

GET
H3 200 ebb4611ace20cc4a.css
www.heinz.com/_next/static/css/ 150 KB
26 KB 80ms
78ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/ebb4611ace20cc4a.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dc6350839316603317940ac60fd110d1fd7f6f46e7978f18171afdef9ead3222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPqopIO0eSVNW6RUi8a4Ui2upDFmOFdniBNM9YpXajfbLACi6A0ssEXxobvJrI7cP483J2vyz8jDRw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26724
last-modified: Mon, 06 May 2024 18:03:10 GMT
server: UploadServer
etag: W/"609a8a16aed90002ed9ce305275fa111"
vary: Accept-Encoding
x-goog-generation: 1715018590294765
x-goog-hash: crc32c=7pkYBg==, md5=YJqKFq7ZAALtnOMFJ1+hEQ==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 153240
accept-ranges: none

GET
H3 200 ad63afbf7fb7c47b.css
www.heinz.com/_next/static/css/ 5 KB
1 KB 88ms
86ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/ad63afbf7fb7c47b.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPpMbAZpMBdXhlvt7EY3TYcJu6EFDFuzCxBjTHukCC5InIP8zoFurI293hx7i8f7DFx67wc
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1330
last-modified: Mon, 06 May 2024 18:03:09 GMT
server: UploadServer
etag: W/"66a6d3a3e2fc1e39b3b26658d7aa94e5"
vary: Accept-Encoding
x-goog-generation: 1715018589960689
x-goog-hash: crc32c=Bt2r2w==, md5=ZqbTo+L8HjmzsmZY16qU5Q==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5629
accept-ranges: none

GET
H3 200 webpack-30f552a752e60198.js Show response
www.heinz.com/_next/static/chunks/ 7 KB
3 KB 134ms
128ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/webpack-30f552a752e60198.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3450c324ccc77c337c1394efc7cb1ba35a90b891728e8bfcd124a017a1c22b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPriVXWpk9zOPcLI__fyzdbvDhTlH871DyGEOlQdWCd723AsDEugBJHE5_X3REKAc7khvf8
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2643
last-modified: Mon, 06 May 2024 18:03:09 GMT
server: UploadServer
etag: W/"9b1aba1aa5c5ebb46436a25e7c9dd4a5"
vary: Accept-Encoding
x-goog-generation: 1715018589231415
x-goog-hash: crc32c=NlJzHg==, md5=mxq6GqXF67RkNqJefJ3UpQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 6885
accept-ranges: none

GET
H3 200 framework-3326cec7ef174e8e.js Show response
www.heinz.com/_next/static/chunks/ 146 KB
46 KB 106ms
100ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/framework-3326cec7ef174e8e.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4be864707ecb79ec664eec518a6655d5f9f5d9358f61e471fe4253d5eee525e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPq0i8TBc0wmx8HsXu-E1IPpnmToywt7w0U6fJEK5Eua8BXJnzXlk06W189cpXJ1G5IXAkg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46721
last-modified: Mon, 06 May 2024 18:03:05 GMT
server: UploadServer
etag: W/"18bd41edac97925fcce3ff1d368e7af3"
vary: Accept-Encoding
x-goog-generation: 1715018585502152
x-goog-hash: crc32c=eyUSWw==, md5=GL1B7ayXkl/M4/8dNo568w==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 149632
accept-ranges: none

GET
H3 200 main-d7646808c5d1b152.js Show response
www.heinz.com/_next/static/chunks/ 130 KB
38 KB 137ms
131ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5535c82f713014869baf5ff7fa211de341f2eae294fc05e6c6ac9786d22c6c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPoG02FW2DOfuSBPdIpDqW--I8CrfuhwaABYq5_dI_q7BNHwg18tbf7uhtMGTZmALfY0wGQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38427
last-modified: Mon, 06 May 2024 18:03:05 GMT
server: UploadServer
etag: W/"0f8ca3a6e9e1f4a7b1542203c599c150"
vary: Accept-Encoding
x-goog-generation: 1715018585746465
x-goog-hash: crc32c=lecb4Q==, md5=D4yjpunh9KexVCIDxZnBUA==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 133359
accept-ranges: none

GET
H3 200 _app-f588bdd844158924.js Show response
www.heinz.com/_next/static/chunks/pages/ 4 MB
1 MB 253ms
248ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

251ed8f1de16e0020dd376dd7c680b96ecd5b32e62004ca28ddb1a4b32e68e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPqrXMGCxoWeov6m7mEXflKpiwEsdXTej27lmOoPbRnrFWQJXI51V6xG05Rw-lHHdFiuaIn7slk86A
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:07 GMT
server: UploadServer
etag: W/"394bc10dcdd4e3e947f8b519e120a659"
vary: Accept-Encoding
x-goog-generation: 1715018587085869
content-type: application/javascript
x-goog-hash: crc32c=ur4ZgA==, md5=OUvBDc3U4+lH+LUZ4SCmWQ==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 4684996
accept-ranges: none

GET
H3 200 4dd7a1cf-cd3ddaebd5e062e3.js Show response
www.heinz.com/_next/static/chunks/ 592 KB
160 KB 176ms
171ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/4dd7a1cf-cd3ddaebd5e062e3.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

c050395268cb6954f382b23b8aac30ce63dbe1411c6763d06a678ceab9b0b3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPq-IxBUM52QxcuOuiMiztCTb767QrolW1_cRq9oS7KytDNgszku7-SzsE9hT3A7ywAMHG2tsCtJ9Q
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163419
last-modified: Mon, 06 May 2024 18:03:01 GMT
server: UploadServer
etag: W/"001f6fdb5cfc9e1d7700193fcc91caaf"
vary: Accept-Encoding
x-goog-generation: 1715018581953907
x-goog-hash: crc32c=W/Qs+Q==, md5=AB9v21z8nh13ABk/zJHKrw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 606402
accept-ranges: none

GET
H3 200 2fbf9dd2-8698f4c02fd19d1b.js Show response
www.heinz.com/_next/static/chunks/ 346 KB
82 KB 214ms
209ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/2fbf9dd2-8698f4c02fd19d1b.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

21a47f7ae5f68d098c81dca6a9baeeb5e151138ec465aa06c77bca88a82b744d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPqTj48IUz1j8Q1E6n3QnSsl5LkSF1PXjP4qrKuSeU5tOKpU09wXCEi1KvdaQ2Oi1F1zhXY
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84159
last-modified: Mon, 06 May 2024 18:03:01 GMT
server: UploadServer
etag: W/"c949502939411d3b2b2a3a2921fa6b4d"
vary: Accept-Encoding
x-goog-generation: 1715018581278532
x-goog-hash: crc32c=+CTWEw==, md5=yUlQKTlBHTsrKjopIfprTQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 354344
accept-ranges: none

GET
H3 200 982-6d7f0137604c4d5f.js Show response
www.heinz.com/_next/static/chunks/ 256 KB
80 KB 197ms
192ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/982-6d7f0137604c4d5f.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

22dc26c72c5fff992ecb6350d98c48ff9555f33d5867fdd05b9306fc66aa2568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPrjBCeMoyLyFgFjF_pVQDF0YoSHBkVs8843gKxXPoHHdqrAoW7LDhvfOZYANN4PfdAg2DE
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81679
last-modified: Mon, 06 May 2024 18:03:04 GMT
server: UploadServer
etag: W/"e8f31bb834fec76b0a0a0e7fe4d7e1e5"
vary: Accept-Encoding
x-goog-generation: 1715018584641195
x-goog-hash: crc32c=e4/lwg==, md5=6PMbuDT+x2sKCg5/5Nfh5Q==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 262058
accept-ranges: none

GET
H3 200 783-f7163d0c6834d621.js Show response
www.heinz.com/_next/static/chunks/ 76 KB
19 KB 228ms
225ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/783-f7163d0c6834d621.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

bc47f5ca73ec24226eb41af2e1044227c50645012a8551f4a4f4043119f5b38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPpgnfE7Bc3HSjk6MDXpJAuNHyHL3NWU1lct8jcQFhyLCSMGT-QruVHJ6CLKL_g9nSkPZek
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18970
last-modified: Mon, 06 May 2024 18:03:03 GMT
server: UploadServer
etag: W/"a24208f320538bfbd778ce084e49152a"
vary: Accept-Encoding
x-goog-generation: 1715018583264283
x-goog-hash: crc32c=YDdxQg==, md5=okII8yBTi/vXeM4ITkkVKg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 78180
accept-ranges: none

GET
H3 200 index-fe3b9a9ee626c860.js Show response
www.heinz.com/_next/static/chunks/pages/ 7 KB
3 KB 319ms
316ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/index-fe3b9a9ee626c860.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

cebb76038c9ca70f204c29add9ccb351beb25d68c3af955251750152b98e65ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPoNInX76r02FcYFoQg510C1qpaHGuRivI9nbKpIGzvJINP9AsirQInOCNkAfFtY5Vq2xt1DCOs58A
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:07 GMT
server: UploadServer
etag: W/"127579fe96a7d14705b14f4c966d751d"
vary: Accept-Encoding
x-goog-generation: 1715018587875012
content-type: application/javascript
x-goog-hash: crc32c=IJqGtQ==, md5=EnV5/pan0UcFsU9Mlm11HQ==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 6832
accept-ranges: none

GET
H3 200 _buildManifest.js Show response
www.heinz.com/_next/static/WCgXQLGeqLewYNKD2IIAQ/ 3 KB
797 B 237ms
235ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/WCgXQLGeqLewYNKD2IIAQ/_buildManifest.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8d04a600ff158f257f4a6a0767487b4241951a6e237d393ebb3bf9f70754e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPrRCAXdd-Eb04jNBh1yGzkkvu7Y7a8xqq7iz-Xzp0rxC6lzpV7Mh71HvnzFq1n70cy31t0
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 751
last-modified: Mon, 06 May 2024 18:02:59 GMT
server: UploadServer
etag: W/"c8e75189c3bd6d6c52e26a13f1254874"
vary: Accept-Encoding
x-goog-generation: 1715018579997323
x-goog-hash: crc32c=+YIlHg==, md5=yOdRicO9bWxS4moT8SVIdA==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 2721
accept-ranges: none

GET
H3 200 _ssgManifest.js Show response
www.heinz.com/_next/static/WCgXQLGeqLewYNKD2IIAQ/ 103 B
144 B 237ms
235ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/WCgXQLGeqLewYNKD2IIAQ/_ssgManifest.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018524
age: 480
x-guploader-uploadid: ABPtcPr-sq4dxEQRM9Bg6vnMDTZQBcbjoS_n49tJ2hUSoM1CAF5ICUoNCtqW6yvJTyaJoOCdLv0
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
last-modified: Mon, 06 May 2024 18:03:00 GMT
server: UploadServer
etag: "e0ab33f6a72b36a3070f397c017ab85e"
x-goog-generation: 1715018580090581
x-goog-hash: crc32c=3Pg/DA==, md5=4Ksz9qcrNqMHDzl8AXq4Xg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 103
accept-ranges: bytes

POST /
o4504005838045184.ingest.sentry.io/api/4505410929033216/security/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1.css
cdn.fonts.net/t/ 0
186 B 106ms
104ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/t/1.css?apiType=css&projectid=335655b0-0dd3-11ed-9831-02c6998740a0
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: A01W8WDFCB1KRJGH
age: 144813
x-amz-server-side-encryption: AES256
content-length: 0
x-amz-id-2: gAiDTJeUVvffH7piKj+OOVHQF9tdIS9czG5wjvgyMW5Xuo1JGBA8Lb6B7XATL4WnAudVCHj5/NU=
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 888c893b1da639cf-YYZ
expires: Fri, 24 May 2024 10:22:27 GMT

GET
H2 200 98163a3e-f400-4c61-8d40-747a07bc5c49.json Show response
cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/ 6 KB
2 KB 486ms
125ms XHR
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/98163a3e-f400-4c61-8d40-747a07bc5c49.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cfef4fd98c8704761a67bfc0eb95d3adac926b5972f7bc9b6f90ad496b51b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:27 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 77784
content-md5: a3Ps3KS5nNMUQooSq0JafQ==
content-length: 1782
x-ms-lease-status: unlocked
last-modified: Wed, 28 Feb 2024 14:47:20 GMT
server: cloudflare
etag: 0x8DC386C2AFB5F76
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 98c24858-901e-0081-6a08-7cf729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c893d68abac31-YYZ

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 522 KB
207 KB 523ms
118ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211646
x-xss-protection: 0
last-modified: Mon, 20 May 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 May 2025 05:49:45 GMT

POST
H2 200 / Show response
o4504005838045184.ingest.sentry.io/api/4504021996470272/envelope/ 2 B
67 B 99ms
98ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504005838045184.ingest.sentry.io/api/4504021996470272/envelope/?sentry_key=5bd832e64a6f43019aa63691f23db074&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.112.2

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 10:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 HeinzLabelW05Regular_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/HeinzLabelW05Regular/ 17 KB
18 KB 631ms
272ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/HeinzLabelW05Regular/HeinzLabelW05Regular_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796534e97cbd7552a0cca284780dbd626c4958d2dda032d0f3784138b085317c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 8Y5YC4KD2KJK700N
age: 5492
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=uxFnXntduCqYWYGGEMnG1CzCAgWEEolFW7K0wF5ONp0-1716545848-1.0.1.1-nOtLp1RmqtzgjgtCB9PrbzNefnkR24o7nhIquGMKlaeIU2LnIJmesbputf2LycFE87DzodoYNKlXucKWh7T.vxcBkoXMGQz4KyS3JBZ5cwdoy0KFv7VYnFrQyrDwqeR2Nee6eA1FYYEAiaNKJPLYQQ; report-to cf-csp-endpoint
content-length: 17816
x-amz-id-2: 6nTWkE8lkk26KtJnguecx5am1NH9OFmLKyKx/Kof8CcArfGxNj47AM4JSnOGE6vbyNVI46pgdps=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "2e08c4c8f3c62047a5caa477ffc46884"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=uxFnXntduCqYWYGGEMnG1CzCAgWEEolFW7K0wF5ONp0-1716545848-1.0.1.1-nOtLp1RmqtzgjgtCB9PrbzNefnkR24o7nhIquGMKlaeIU2LnIJmesbputf2LycFE87DzodoYNKlXucKWh7T.vxcBkoXMGQz4KyS3JBZ5cwdoy0KFv7VYnFrQyrDwqeR2Nee6eA1FYYEAiaNKJPLYQQ"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 888c8942a827ac88-YYZ
expires: Fri, 24 May 2024 10:22:28 GMT

GET
H2 200 IntroRegular_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 46 KB
46 KB 545ms
187ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroRegular_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9170bc6ca29054b4e7a48b59e8a0c95343163dce5e876ab3b61b1e32fe8f3b0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: Q505TT1KFKR121Y9
age: 5492
x-amz-server-side-encryption: AES256
content-length: 46708
x-amz-id-2: K1RbeFLzawTXMPIiTbN6hzVQTuu5ZjRQfHVkIe1pwwIQ3Lyi+RGMs9jDRoStuecvfuGt+bwZr6U=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "94abfdf5010dd54891c004f84b95348a"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 888c8942a828ac88-YYZ
expires: Fri, 24 May 2024 10:22:28 GMT

GET
H2 200 IntroBold_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 47 KB
48 KB 464ms
106ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroBold_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7041a6c76e46c7bed26fd75072d65d91b42a24e3041e2365b68d37eaf73f94f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: ZPZ7BY4QSK8FXK5K
age: 5841
x-amz-server-side-encryption: AES256
content-length: 48088
x-amz-id-2: 4yHe6knH1WyeBGd3jLtgeoR8+8h8H3sM0FmC94E2zPzp7pdcTgQfZ1tBsVwvBHXAUPJh/kiSHOk=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "d5a85038527c85636c2d04d1c45251a9"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 888c8942a829ac88-YYZ
expires: Fri, 24 May 2024 10:22:28 GMT

GET
H2 200 IntroSemiBold_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 46 KB
46 KB 596ms
238ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroSemiBold_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dcde4be61d423113da8899b1cca4fc9bbca7b339869148c65fc2bfb4799f957

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: G9XRKK3KW8AKFK1X
age: 5492
x-amz-server-side-encryption: AES256
content-length: 47032
x-amz-id-2: IL+60WYybxftfMT1p+QjBkJKnY6LzcdpGhFafzH9wGvWe1SZ3CKl4YL42wy1MKxpiSTDtS8lQTE=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "c56fe162665e4d469f7fcbd4ea33ece1"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 888c8942a82aac88-YYZ
expires: Fri, 24 May 2024 10:22:28 GMT

GET
H2 200 BBQ_hero_mobile_psmezj
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1024/f_auto/q_auto/v1/dxp-images/heinz/ 77 KB
77 KB 624ms
157ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1024/f_auto/q_auto/v1/dxp-images/heinz/BBQ_hero_mobile_psmezj?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

203e7754933db0406510bb029970caec6015b58efae2308e3254e03719410a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 18:23:37 GMT
server: Cloudinary
etag: "439ed4cabe21d8efaf7137892ad6d62e"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=22;start=2024-05-24T10:17:28.594Z;desc=miss,rtt;dur=66,content-info;desc="width=1024,height=1024,bytes=78566,owidth=1024,oheight=1024,obytes=1687175,ef=(1,11,14,17,97)",cloudinary;dur=67;start=2024-05-06T15:57:26.978Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 78566

GET
H2 200 Heinz-Newsletter-Subscription-Mobile_nj1xjt
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1125/f_auto/q_auto/v1/dxp-images/heinz/global/ 60 KB
60 KB 615ms
149ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1125/f_auto/q_auto/v1/dxp-images/heinz/global/Heinz-Newsletter-Subscription-Mobile_nj1xjt?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

38a47f112a28751121d8096c0cdf8906f8364441eaeebaa342dba502e588b158

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2024 03:42:33 GMT
server: Cloudinary
etag: "a99f01f5876d2f433c3db6e1e2a8727a"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=22;start=2024-05-24T10:17:28.594Z;desc=hit-near,rtt;dur=66,content-info;desc="width=1125,height=1125,bytes=61068,owidth=1125,oheight=1125,obytes=219625,ef=(1,11,14,17,97)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 61068

GET
H2 200 Home-Heinz-Sauces-Tablet-Mobile-CAN_jdgoe9
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1792/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/ 85 KB
86 KB 832ms
366ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1792/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/Home-Heinz-Sauces-Tablet-Mobile-CAN_jdgoe9?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

ba09151245c0fe7c88b0661a87aaabf65a1d8a60fb1b45e71c083f6a6818b1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 14:49:29 GMT
server: Cloudinary
etag: "9d4d722046dc0cfa4f4f8ab8e9cd207e"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=58;start=2024-05-24T10:17:28.594Z;desc=miss,rtt;dur=66,content-info;desc="width=1792,height=1956,bytes=87372,owidth=1792,oheight=1956,obytes=1345659,ef=(1,11,14,17,97)",cloudinary;dur=120;start=2024-05-07T15:57:28.387Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 87372

GET
H2 200 Home-Heinz-Sustainability-Commitment-EN-Tablet-Mobile_lxgree
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_2835/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/ 63 KB
64 KB 623ms
158ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_2835/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/Home-Heinz-Sustainability-Commitment-EN-Tablet-Mobile_lxgree?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3f3a6819e48e60c18a968f1686328b118fa201049356d2fb2eee6d299338052

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 20:33:05 GMT
server: Cloudinary
etag: "f75cfbbfa9733324407a91c542f23922"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=22;start=2024-05-24T10:17:28.594Z;desc=hit-near,rtt;dur=66,content-info;desc="width=1920,height=2158,bytes=64513,owidth=2835,oheight=3186,obytes=328092,ef=(1,11,14,17,97)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 64513

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
238 B 116ms
112ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 888c893fb9c8ac31-YYZ
access-control-allow-headers: Content-Type

GET
H3 200 bcdf501dca0cceb1.css
www.heinz.com/_next/static/css/ 1 KB
408 B 121ms
121ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/bcdf501dca0cceb1.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/webpack-30f552a752e60198.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

f2c47aba706362c2335b086a342d09bb88ca093687993684dc0f65ed2542d2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPoQS-78nkrnIX14PE6B5NyfimA5lUgy300ygD3ort6G8NNk-C6g0KzW90Go4PeiEyWbcHr6ITpkJQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:10 GMT
server: UploadServer
etag: W/"6a8152737598594ef33647235878c145"
vary: Accept-Encoding
x-goog-generation: 1715018590119110
content-type: text/css
x-goog-hash: crc32c=pTbshw==, md5=aoFSc3WYWU7zNkcjWHjBRQ==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 1120
accept-ranges: none

GET
H3 200 87.cadd9881cb7a0eba.js Show response
www.heinz.com/_next/static/chunks/ 16 KB
5 KB 122ms
122ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/87.cadd9881cb7a0eba.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/webpack-30f552a752e60198.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e698fc10305a573b7ae5280102b7c066cf5ffa811ecb1f58217d64a7b03a5814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPqlqcZH7Vk59I99ZoL1vdperPfxA1IaibPbSUZm1zYnAdJTmkAFQbHqVYlYVg2DC4CVRGMr066oLQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:04 GMT
server: UploadServer
etag: W/"4cc625cd6c7a76314aabd18a70a32be3"
vary: Accept-Encoding
x-goog-generation: 1715018584166198
content-type: application/javascript
x-goog-hash: crc32c=tm3Akg==, md5=TMYlzWx6djFKq9GKcKMr4w==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 16104
accept-ranges: none

POST
H3 200 profiles Show response
experience.ninetailed.co/v2/organizations/1ddf955f-cfd8-4fed-b4aa-4569fde3ec09/environments/main/ 3 KB
2 KB 534ms
206ms Fetch
application/json 2606:4700::6812:166b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.ninetailed.co/v2/organizations/1ddf955f-cfd8-4fed-b4aa-4569fde3ec09/environments/main/profiles
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:166b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c696f68bb0e740959f6b74e98ea637fb946c4bdae360f3334f4d4bcc5b2a16

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
server: cloudflare
traceparent: 00-bf4ac876d8568a2d630765700cc2d97a-97c74052665026fd-00
x-ninetailed-telemetry-events-page: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-ninetailed-telemetry-events-identify: 0
x-ninetailed-telemetry-events-merge: 0
cf-ray: 888c89427fc1aaf8-YYZ
alt-svc: h3=":443"; ma=86400
x-ninetailed-telemetry-events-track: 0

GET
H2

200

embed_v1.0.12.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

40 KB
14 KB

558ms
106ms

Script
application/javascript

23.46.156.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/en-CA
Protocol: H2
Server: 23.46.156.157 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 9e08e59
date: Fri, 24 May 2024 10:17:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 9V0JLxhpwMvoJafbvKO0pQ==
x-cache: TCP_MEM_HIT from a23-46-151-157.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 13263
last-modified: Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id: iad-1:fCqdon7Eal6RlFkfu077lO4qYc__y5u30k-v9uOmW7Gxh5PnoqVBnrV5sGNNToLu
x-api-id: native
etag: b2f83e35-5705-4835-962f-dbe0d55871a0
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 13fb1b8e-79ca-40e8-8dec-c5db316da63b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 23 Jun 2024 10:17:29 GMT

Redirect headers

x-akamai-request-id: 5c1a18d5
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632
date: Fri, 24 May 2024 10:17:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405241017272ED236E5B24A810C1ACA-3340C0674D4B66CA-00
x-cache: TCP_MISS from a23-202-158-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=8
content-length: 136
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
proxy-status: 0000201302026000
pragma: no-cache
server: TLB
x-tt-logid: 202405241017272ED236E5B24A810C1ACA
content-type: text/html
location: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.202.158.7
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae837344408eb02be8b6b055540f95f3a39b9e0db2a5aa68ab76c7453b798aacb60912563122f53256c245a6cd6a3060650b
expires: Fri, 24 May 2024 10:17:28 GMT

GET
H3 204 me
www.heinz.com/api/auth/ 0
0 115ms
115ms Fetch
text/html 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/api/auth/me

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/en-CA
baggage: sentry-environment=prd,sentry-release=dxp-heinz-dot-com%40v1.17.0-1-g8279871,sentry-public_key=5bd832e64a6f43019aa63691f23db074,sentry-trace_id=0efd67a0f88f456c8970c71f6a685697,sentry-sample_rate=0.2,sentry-transaction=%2F,sentry-sampled=false
sentry-trace: 0efd67a0f88f456c8970c71f6a685697-ac2fac4951fff553-0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; preload
server: Google Frontend
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html
x-cloud-trace-context: 07620f417f5f683847b7e2512faa76f9
x-cache-hit: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 327 KB
89 KB 577ms
172ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2PBNCL&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d00cc82ccfb01d6d4c65237b763322ad26cf13a07b34ccf30caea12cd868141e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90553
x-xss-protection: 0
last-modified: Fri, 24 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 10:17:28 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame B73F 0
0 549ms
137ms Document
text/html 2607:f8b0:4004:c1b::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&co=aHR0cHM6Ly93d3cuaGVpbnouY29tOjQ0Mw..&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=1jc6mbmi4648

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mpsEfVnC34p8Zgt6jlC2CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mpsEfVnC34p8Zgt6jlC2CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 10:17:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/ 430 KB
105 KB 125ms
124ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5m3SVn9yaQSlRqLvlzjrBg==
age: 33250
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106956
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:11 GMT
server: cloudflare
etag: 0x8DC34A8ECCE7C0E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81539ae2-801e-001b-0b08-7c69f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8940f9ff36c7-YYZ
expires: Sat, 25 May 2024 10:17:28 GMT

GET
H3 200 277.4554a2699fd7619f.js
www.heinz.com/_next/static/chunks/ 3 KB
1 KB 120ms
120ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/277.4554a2699fd7619f.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ab49b7a85d348897b96a1fc53afb04741dd66a4df52a4ca5cb8b844f2da9d6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPrb6CnmbntdFwXZqSkVzcND5MeWyyDx-JJhDX7kDy9iEs6j6r0VqyIwmGvaAH2RV6xaPN-lM_1Fiw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:00 GMT
server: UploadServer
etag: W/"9b8e3fe34efc30e43213bf4c59f89a97"
vary: Accept-Encoding
x-goog-generation: 1715018580772451
content-type: application/javascript
x-goog-hash: crc32c=4bupcQ==, md5=m44/4078MOQyE79MWfialw==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 3268
accept-ranges: none

GET
H2 200 Heinz-Newsletter-Subscription-Desktop_qlza5j
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/global/ 49 KB
50 KB 438ms
366ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/global/Heinz-Newsletter-Subscription-Desktop_qlza5j?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

549aee2aa3f0a2176ba56ec2a0e8e871b03bea50363392c9611ee092dae79fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2024 15:16:46 GMT
server: Cloudinary
etag: "36636505dcb4858cc20e30493badb754"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=33;start=2024-05-24T10:17:28.594Z;desc=miss,rtt;dur=66,content-info;desc="width=1920,height=1080,bytes=50536,owidth=5760,oheight=3240,obytes=1121836,ef=(1,11,14,17,97)",cloudinary;dur=46;start=2024-05-07T13:37:02.656Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 50536

GET
H2 200 BBQ_hero_desktop_yteft0
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/ 73 KB
74 KB 315ms
256ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/BBQ_hero_desktop_yteft0?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

612dc12ea29f3cc3d7213ec034a0ba36bc06d5ad90f2231324078337e4f95299

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 21:35:07 GMT
server: Cloudinary
etag: "cb66ad36d9634ab94a52d929992a8974"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=35;start=2024-05-24T10:17:28.594Z;desc=miss,rtt;dur=66,content-info;desc="width=1920,height=867,bytes=74961,owidth=2560,oheight=1156,obytes=2662173,ef=(1,11,14,17,97)",cloudinary;dur=99;start=2024-05-23T14:15:17.426Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 74961

GET
H2 200 Home-Heinz-Sauces-Desktop-CAN_2_bz79ii
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/ 71 KB
71 KB 354ms
353ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/or-creative-content-panel/Home-Heinz-Sauces-Desktop-CAN_2_bz79ii?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a57093ee398e9f841f07cca8fc089d5ba01403820739eb7b7ac3e0792cf40c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 17:23:20 GMT
server: Cloudinary
etag: "695ad4a724ba8caa65d91dbacaea1df9"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=18;start=2024-05-24T10:17:28.628Z;desc=miss,rtt;dur=53,content-info;desc="width=1920,height=1222,bytes=72238,owidth=3456,oheight=2200,obytes=3368612,ef=(1,11,14,17,97)",cloudinary;dur=133;start=2024-05-23T18:03:12.400Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 72238

GET
H2 200 Quiz_creative_content_feed_2_ara95f.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 20 KB
21 KB 363ms
362ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Quiz_creative_content_feed_2_ara95f.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c6b60c8cd87dc7c1e47793a6200c6abaaae64b23b92b2662e6a891fcbf6c6d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 29 May 2023 19:00:20 GMT
server: Cloudinary
etag: "e12fa5bc731b02ee0343656b6333b210"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=22;start=2024-05-24T10:17:28.628Z;desc=hit-near,rtt;dur=53,content-info;desc="width=400,height=600,owidth=400,oheight=600,obytes=121402"
accept-ranges: bytes
timing-allow-origin: *
content-length: 20739

GET
H2 200 Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 56 KB
56 KB 373ms
371ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81721c05467d9c1b1907dd9c2511ff39890ef81f9f700164c37cf0e18829b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 15:38:22 GMT
server: Cloudinary
etag: "f063e01cd0f0c543a563cff61ff73149"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=18;start=2024-05-24T10:17:28.654Z;desc=hit-near,rtt;dur=46,content-info;desc="width=801,height=1202,bytes=57048,owidth=801,oheight=1202,obytes=1158903"
accept-ranges: bytes
timing-allow-origin: *
content-length: 57048

GET
H2 200 Homepage-Explore-SeafoodCocktail_tnnvks.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 48 KB
48 KB 373ms
372ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-SeafoodCocktail_tnnvks.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c01bb9479ac12b0a466eea7b1d26de284f8daad016fe26d2710c2399d620f8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:32 GMT
server: Cloudinary
etag: "b1d3fccba24c2c7f656b064d24927579"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=34;start=2024-05-24T10:17:28.654Z;desc=miss,rtt;dur=46,content-info;desc="width=801,height=1202,bytes=48955,owidth=801,oheight=1202,obytes=716781",cloudinary;dur=54;start=2024-05-23T14:03:23.389Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 48955

GET
H2 200 Homepage-Explore-FallMessaging_zdf6jh.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 126 KB
126 KB 373ms
372ms Image
image/avif 2600:1408:c400:385::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-FallMessaging_zdf6jh.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:385::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

35b50e3378253b62dccb9433cafa6c29e17948c1da7dc73d9ff474c92324b0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:34 GMT
server: Cloudinary
etag: "99f686dc074ec6ce45d01400bfa3f108"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=21;start=2024-05-24T10:17:28.654Z;desc=hit-near,rtt;dur=46,content-info;desc="width=801,height=1202,bytes=128682,owidth=801,oheight=1202,obytes=1475724"
accept-ranges: bytes
timing-allow-origin: *
content-length: 128682

GET
H3 200 %5B...slug%5D-10c5f4464e80f4d4.js
www.heinz.com/_next/static/chunks/pages/ 0
2 KB 144ms
143ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/%5B...slug%5D-10c5f4464e80f4d4.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPpB0RrVmetOq7bsm2STPLj3tFAHZvplf5TgsyK6CT4ZoAek89lrnQ3ZEFdOOBCv09h4v65l-TCgmA
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:06 GMT
server: UploadServer
etag: W/"00728e899e931e65744d05d3db62e4c0"
vary: Accept-Encoding
x-goog-generation: 1715018586025308
content-type: application/javascript
x-goog-hash: crc32c=x1FGoQ==, md5=AHKOiZ6THmV0TQXT22LkwA==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 5583
accept-ranges: none

GET
H3 200 %5B...recipe-entryTitle%5D-57ddf1e3740f2292.js
www.heinz.com/_next/static/chunks/pages/recipes/ 0
1 KB 120ms
119ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/recipes/%5B...recipe-entryTitle%5D-57ddf1e3740f2292.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPraEY2ZcKpk7i6gs3vpAWJyh4xGG-Vymm5cvFbSaMFUg6MbtwxBjRqRpPj3iFNk1paLDP6Gyy1rUg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:08 GMT
server: UploadServer
etag: W/"b4714119ff94ae3691100689c72046c6"
vary: Accept-Encoding
x-goog-generation: 1715018588335435
content-type: application/javascript
x-goog-hash: crc32c=p++qAQ==, md5=tHFBGf+UrjaREAaJxyBGxg==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 2688
accept-ranges: none

GET
H3 200 %5B...gtin-productName%5D-140ede4fa12f66de.js
www.heinz.com/_next/static/chunks/pages/products/ 0
1 KB 76ms
75ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/products/%5B...gtin-productName%5D-140ede4fa12f66de.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 482
x-guploader-uploadid: ABPtcPqil3dniJ-7tEAlLM8_xC2fGxJameHJL5B2H3xnJf-GJF2e4Ba4rU37BGVUWNse-au1wqg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1481
last-modified: Mon, 06 May 2024 18:03:08 GMT
server: UploadServer
etag: W/"d648c97427844a733b0d1ea8ed5f7e95"
vary: Accept-Encoding
x-goog-generation: 1715018588035962
x-goog-hash: crc32c=D1jBSg==, md5=1kjJdCeESnM7DR6o7V9+lQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 3394
accept-ranges: none

GET
H3 200 %5B...slug%5D-10c5f4464e80f4d4.js Show response
www.heinz.com/_next/static/chunks/pages/ 5 KB
0 110ms
110ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/%5B...slug%5D-10c5f4464e80f4d4.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b143f033d91ffc8609136807cc4742aea96cd1f1327bd8c1e785fa72bc870c71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPpB0RrVmetOq7bsm2STPLj3tFAHZvplf5TgsyK6CT4ZoAek89lrnQ3ZEFdOOBCv09h4v65l-TCgmA
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:06 GMT
server: UploadServer
etag: W/"00728e899e931e65744d05d3db62e4c0"
vary: Accept-Encoding
x-goog-generation: 1715018586025308
content-type: application/javascript
x-goog-hash: crc32c=x1FGoQ==, md5=AHKOiZ6THmV0TQXT22LkwA==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 5583
accept-ranges: none

GET
H3 200 ad63afbf7fb7c47b.css Show response
www.heinz.com/_next/static/css/ 5 KB
0 0ms
0ms Fetch
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/css/ad63afbf7fb7c47b.css
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/en-CA
baggage: sentry-environment=prd,sentry-release=dxp-heinz-dot-com%40v1.17.0-1-g8279871,sentry-public_key=5bd832e64a6f43019aa63691f23db074,sentry-trace_id=0efd67a0f88f456c8970c71f6a685697,sentry-sample_rate=0.2,sentry-transaction=%2F,sentry-sampled=false
sentry-trace: 0efd67a0f88f456c8970c71f6a685697-be9d975136603b3d-0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 480
x-guploader-uploadid: ABPtcPpMbAZpMBdXhlvt7EY3TYcJu6EFDFuzCxBjTHukCC5InIP8zoFurI293hx7i8f7DFx67wc
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1330
last-modified: Mon, 06 May 2024 18:03:09 GMT
server: UploadServer
etag: W/"66a6d3a3e2fc1e39b3b26658d7aa94e5"
vary: Accept-Encoding
x-goog-generation: 1715018589960689
x-goog-hash: crc32c=Bt2r2w==, md5=ZqbTo+L8HjmzsmZY16qU5Q==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5629
accept-ranges: none

GET
H3 200 %5B...gtin-productName%5D-140ede4fa12f66de.js Show response
www.heinz.com/_next/static/chunks/pages/products/ 3 KB
0 42ms
42ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/products/%5B...gtin-productName%5D-140ede4fa12f66de.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 143eb0466207d111b4ef0ee84cc746736fc1dfe15bade94a47ef23f0c52ad939

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:09:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1715018499
age: 482
x-guploader-uploadid: ABPtcPqil3dniJ-7tEAlLM8_xC2fGxJameHJL5B2H3xnJf-GJF2e4Ba4rU37BGVUWNse-au1wqg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1481
last-modified: Mon, 06 May 2024 18:03:08 GMT
server: UploadServer
etag: W/"d648c97427844a733b0d1ea8ed5f7e95"
vary: Accept-Encoding
x-goog-generation: 1715018588035962
x-goog-hash: crc32c=D1jBSg==, md5=1kjJdCeESnM7DR6o7V9+lQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 3394
accept-ranges: none

GET
H3 200 %5B...recipe-entryTitle%5D-57ddf1e3740f2292.js Show response
www.heinz.com/_next/static/chunks/pages/recipes/ 3 KB
0 0ms
0ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/recipes/%5B...recipe-entryTitle%5D-57ddf1e3740f2292.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c1e50a6a1d2541ae7d93d52bf33db68a9e53f1f39adaaadeb07b92754dd6dd92

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1715018499
x-guploader-uploadid: ABPtcPraEY2ZcKpk7i6gs3vpAWJyh4xGG-Vymm5cvFbSaMFUg6MbtwxBjRqRpPj3iFNk1paLDP6Gyy1rUg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 06 May 2024 18:03:08 GMT
server: UploadServer
etag: W/"b4714119ff94ae3691100689c72046c6"
vary: Accept-Encoding
x-goog-generation: 1715018588335435
content-type: application/javascript
x-goog-hash: crc32c=p++qAQ==, md5=tHFBGf+UrjaREAaJxyBGxg==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 2688
accept-ranges: none

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/018dd096-c9d6-7987-9180-74babb590fe2/ 61 KB
17 KB 119ms
118ms Fetch
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/018dd096-c9d6-7987-9180-74babb590fe2/en.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b57e6f2abb1bcc7f89f46ca16b4a9f51719fe4de0f3e9c9e3966fd3834db471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 73600
content-md5: fqXslQV2D8Hm7Qs/42ZTcA==
content-length: 16740
x-ms-lease-status: unlocked
last-modified: Wed, 28 Feb 2024 14:47:33 GMT
server: cloudflare
etag: 0x8DC386C3271E624
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6128fcd9-b01e-0059-7dd4-7a211d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8942ab78ac31-YYZ

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 10 KB
3 KB 110ms
110ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Kj9eZyK9jbYaOE1O5PHVDA==
age: 79545
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:02 GMT
server: cloudflare
etag: 0x8DC34A8E789BE50
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9a1807ea-301e-000c-2cd4-7aca6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8943dc24ac31-YYZ
expires: Sat, 25 May 2024 10:17:28 GMT

GET
H2 200 otPcTab.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/v2/ 63 KB
13 KB 136ms
135ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/v2/otPcTab.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: cum224+VZtN2fQod9AfC0A==
age: 59825
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13599
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:03 GMT
server: cloudflare
etag: 0x8DC34A8E826665C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a23f333d-c01e-0019-1dd4-7a08f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8943ec41ac31-YYZ
expires: Sat, 25 May 2024 10:17:28 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 5 KB
2 KB 152ms
151ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otCookieSettingsButton.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: P+JM5OTYESbConLeIFfe7w==
age: 77784
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:02 GMT
server: cloudflare
etag: 0x8DC34A8E7A3FAE6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 963bc243-b01e-0070-62d4-7a575f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c8943ec43ac31-YYZ
expires: Sat, 25 May 2024 10:17:28 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 21 KB
4 KB 147ms
147ms Fetch
text/css 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otCommonStyles.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 58663
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4d666820-d01e-0060-1ad4-7a61b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 888c8943ec44ac31-YYZ
expires: Sat, 25 May 2024 10:17:28 GMT

GET
H2 206 Homepage-Hero-Banner-New-Users-ml-Video.mp4
cdn.allotta.io/video/upload/f_auto/q_auto/v1709845709/dxp-images/heinz/or-creative-content-panel/Personalization/ 871 KB
872 KB 509ms
95ms Media
video/webm 2a04:4e42:600::604
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.allotta.io/video/upload/f_auto/q_auto/v1709845709/dxp-images/heinz/or-creative-content-panel/Personalization/Homepage-Hero-Banner-New-Users-ml-Video.mp4

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::604 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

636255ed3e4c59d28549c52507cfaf7639094f1fcfd8c999ac5cd9644baac9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
Content-Range: bytes 0-892034/892035
server-timing: cld-fastly;dur=2;start=2024-05-24T10:17:29.383Z;desc=hit,rtt;dur=46,content-info;desc="width=1080,height=1080,abps=83438,fps=23.976,du=10.691,vc=\"vp9\",bytes=892035,owidth=1080,oheight=1080,oabps=1090227,ofps=23.976,odu=10.677,ovc=\"h264\",obytes=11640716,oformat=\"mp4\",ef=(18,41,62)"
Content-Length: 892035
last-modified: Thu, 07 Mar 2024 21:17:13 GMT
server: Cloudinary
etag: "046126501cecc3cf40b6163e441b4948"
vary: Save-Data
content-type: video/webm;codecs=vp9
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ot_close.svg
cdn-ukwest.onetrust.com/logos/static/ 651 B
646 B 113ms
113ms Image
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_close.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 3149
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 82ea6aef-a01e-0041-18d5-a60f17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 888c89450f3936c7-YYZ
expires: Sat, 25 May 2024 10:17:29 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn-ukwest.onetrust.com/logos/static/ 497 B
611 B 115ms
115ms Fetch
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-f588bdd844158924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 59826
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c180ffff-501e-0037-53ae-a6855f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 888c89453d0bac31-YYZ
expires: Sat, 25 May 2024 10:17:29 GMT

GET
H2 200 HEINZ-logo-sm.jpg
cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/8c55b7ef-6427-44eb-8512-dae98febb175/ 8 KB
8 KB 112ms
112ms Image
image/jpeg 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/8c55b7ef-6427-44eb-8512-dae98febb175/HEINZ-logo-sm.jpg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030d7d2d5ab4a1b6416ea9e05f4dbc1f5d66f54f4efc6933d8d03314c67fd0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: ox+X4Ge+x6xbAv9W3aoWcg==
age: 77323
content-length: 7720
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 29 Dec 2022 15:08:17 GMT
server: cloudflare
etag: 0x8DAE9AE8416A242
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4d7f0169-f01e-0063-040b-7cca08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c89456f9c36c7-YYZ
expires: Sat, 25 May 2024 10:17:29 GMT

GET
H2 200 Heinz_(1).jpg
cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/4085dc96-c667-433b-933c-b2f9e35190ae/ 70 KB
70 KB 131ms
131ms Image
image/jpeg 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/4085dc96-c667-433b-933c-b2f9e35190ae/Heinz_(1).jpg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f220e6d07552063eb88b0b4e0400f299a98610c004973ef1685ff315e8e2153d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: g+oweTDerowv7YbML7vaWA==
age: 58664
content-length: 71627
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 10 Jan 2023 16:20:10 GMT
server: cloudflare
etag: 0x8DAF3268BD8EBBE
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: bc7deb50-101e-005f-33d4-7ad665000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888c89458fce36c7-YYZ
expires: Sat, 25 May 2024 10:17:29 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 156ms
156ms Image
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 10:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 70566
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c234b3cb-f01e-0063-5ed5-a6ca08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 888c89458fd136c7-YYZ
expires: Sat, 25 May 2024 10:17:29 GMT

GET
H2 200 embed_lib_v1.0.12.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 4 KB
2 KB 91ms
90ms Stylesheet
text/css 23.46.156.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.156.157 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 9e08eee
date: Fri, 24 May 2024 10:17:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: Ii2KDY04c+qhyedihYMYdg==
x-cache: TCP_MEM_HIT from a23-46-151-157.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1323
last-modified: Mon, 22 Jan 2024 19:32:26 GMT
opc-request-id: iad-1:wkfdoDkg1mMteNyf2R-IdaR_TfZT0FDQ-jHokrUuCeSnvRiJYMJZeFCNY1midbRd
x-api-id: native
etag: 39224e5f-f8d6-4c55-ae56-505ef909cad1
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: text/css
version-id: 13b130cc-bbd0-4b27-8c6e-b602952002cb
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 23 Jun 2024 10:17:29 GMT

GET
H2 200 embed_lib_v1.0.12.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 14 KB
6 KB 91ms
91ms Script
application/javascript 23.46.156.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.156.157 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 9e08eef
date: Fri, 24 May 2024 10:17:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: VdrKLRPQL3RIZZVN/2qAoQ==
x-cache: TCP_MEM_HIT from a23-46-151-157.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 5716
last-modified: Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id: iad-1:yvN4bg8V8-n5uytG9lmowXEj__qYpCIackWLttBw9Erfjec96OfeMYVrdXo-gqes
x-api-id: native
etag: 68841bda-6450-4a08-b6f6-faff4077f49a
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: b9e60eac-0991-435a-9f2a-a3f1f27e2397
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 23 Jun 2024 10:17:29 GMT

GET
H2 200 7064265650105224454
www.tiktok.com/embed/v2/ Frame 0A79 0
0 619ms
313ms Document
text/html 173.223.163.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7064265650105224454?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.202 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-202.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:30 GMT
expires: Fri, 24 May 2024 10:17:30 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=172 cdn-cache; desc=MISS, edge; dur=1, origin; dur=182
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 4c555fd
x-cache: TCP_MISS from a23-202-158-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 182,23.202.158.10
x-pumbaa-web-avail: 1
x-tt-logid: 2024052410172966307B523BE6430BCCE7
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae834594bddec7523448d8ecc9c25b492e11acac0e0d18351eb4cf2fcbead8217da8b92dc403184997fb4958522f22226ee59f8473e78e83e365c9bc9e3fc1403e21ae45de27cecbdbd7967314eedf015848
x-tt-trace-id: 00-24052410172966307B523BE6430BCCE7-7E73B8B763D29A1D-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7138492977277717765
www.tiktok.com/embed/v2/ Frame 54CC 0
0 737ms
433ms Document
text/html 173.223.163.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7138492977277717765?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.202 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-202.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:30 GMT
expires: Fri, 24 May 2024 10:17:30 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=287 cdn-cache; desc=MISS, edge; dur=0, origin; dur=302
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 4c555fe
x-cache: TCP_MISS from a23-202-158-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 302,23.202.158.10
x-pumbaa-web-avail: 1
x-tt-logid: 202405241017298C0C730E1A06D60C9293
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae834594bddec7523448d8ecc9c25b492e117865feb7bb2d460d9450292c21a904df568339aaeda98504ac4d8ff4ee68fd2f8c10cae4636a6da5971f1e5cd25f5bc543dac5757e9a3d1fef8f536884fd4fab
x-tt-trace-id: 00-2405241017298C0C730E1A06D60C9293-6C8207F40A48A7F5-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7121772773936008453
www.tiktok.com/embed/v2/ Frame FEBF 0
0 661ms
359ms Document
text/html 173.223.163.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7121772773936008453?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.202 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-202.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

report-to csp-endpoint; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: report-to csp-endpoint; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:30 GMT
expires: Fri, 24 May 2024 10:17:30 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=212 cdn-cache; desc=MISS, edge; dur=0, origin; dur=218
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 4c555ff
x-cache: TCP_MISS from a23-202-158-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 218,23.202.158.10
x-pumbaa-web-avail: 1
x-tt-logid: 20240524101729924D539960A1850CC7D7
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae834594bddec7523448d8ecc9c25b492e116501ef3c639e5f5bcb8b9f3c76599e827ea83f7e528b8db671f2f2addcb762c7cac215fbfb2bd2f123f03bc98e35955c57b0f5d9817d895e5ec0091d9adf9a21
x-tt-trace-id: 00-240524101729924D539960A1850CC7D7-52BC599D7FDDB388-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7116930278274223365
www.tiktok.com/embed/v2/ Frame 867A 0
0 279ms
279ms Document
text/html 173.223.163.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7116930278274223365?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.202 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-202.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:33 GMT
expires: Fri, 24 May 2024 10:17:33 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=161 cdn-cache; desc=MISS, edge; dur=1, origin; dur=171
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 4c590bb
x-cache: TCP_MISS from a23-202-158-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 171,23.202.158.10
x-pumbaa-web-avail: 1
x-tt-logid: 20240524101732C00A54CF34862F0C54E3
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae834594bddec7523448d8ecc9c25b492e1127e70b5b774f8a543158f20bf09a3ba3a510b2a8a5d5efe704d0bc93d54b72c4978de3bd1756031b643d4513b50560efecba093f1a367c7059829e28bd44a08a
x-tt-trace-id: 00-240524101732C00A54CF34862F0C54E3-16AC4A8949AAB2E7-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7029744641691962630
www.tiktok.com/embed/v2/ Frame F0D7 0
0 295ms
295ms Document
text/html 173.223.163.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7029744641691962630?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.202 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-202.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=a38d958f-8b29-4cf6-ab9f-3c12ef9e7632
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 10:17:33 GMT
expires: Fri, 24 May 2024 10:17:33 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=158 cdn-cache; desc=MISS, edge; dur=1, origin; dur=165
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 4c5912e
x-cache: TCP_MISS from a23-202-158-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 165,23.202.158.10
x-pumbaa-web-avail: 1
x-tt-logid: 20240524101732719EB0A47BB48A0C8BCC
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae834594bddec7523448d8ecc9c25b492e112d680cd0dfec99bff8073e57e7cfaa5ef1094538e7ac959783330489978426cf215689dd512059d2db4bea462d972f40afdffbf60cba1bc84ac70c785129f208
x-tt-trace-id: 00-240524101732719EB0A47BB48A0C8BCC-26D1A30671701498-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: o4504005838045184.ingest.sentry.io
URL: https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:08:17	Name: _GRECAPTCHA Value: 09AOn7T8bCumXpI4RyS7tMyoNom8VAeUa-njG914xxvn2I1BjgpbiuORor09qdUioGFagVlMaBL6W6vwqGl9W9cIU
www.heinz.com/	1970-01-20 20:49:05	Name: kh-homepage-redirect Value: en-US
www.heinz.com/	1970-01-21 05:34:41	Name: kh-preferred-locale Value: en-CA
.fonts.net/	1970-01-20 20:49:07	Name: __cf_bm Value: WKaUvr61gXxTPnxE.VyqosIc7UdyIPCm5ONPr2x0zew-1716545847-1.0.1.1-xJwvHo3qzyPLXgWEhsOjsl9J8Ml7YpAZPgsNnu6.5qMVqJPfEBh6RSowRuRAJjRWPm3cUrQfNfPAG.KEgZczYw
.heinz.com/	1970-01-21 05:34:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+24+2024+03%3A17%3A29+GMT-0700+(Pacific+Daylight+Saving+Time)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=9d9f71c3-c916-4309-ab66-bddc2818b3d5&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.heinz.com%2Fen-CA&groups=C0003%3A0%2CC0001%3A1%2CC0004%3A0%2CC0002%3A0
.tiktok.com/	1970-01-21 05:27:29	Name: ttwid Value: 1%7CxNR4gXpACC1TJ45rbexnZwVr1Y_JyXd7w2GqzfqwPJU%7C1716545850%7C7fb5e1e65d21a9982609f2b409ee335f0ccf22c1cbfc33edfa2c8c0ca2e870fb
www.heinz.com/	1970-01-20 20:49:07	Name: recaptcha-ca-t Value: AaGzOmesSC1gsdgLC2ZH7aEOV_0vIsAlfk4JxivbOtP2Efm2iY2ebRG-CcB5eOPJFnHkQoTYKb4P-aqI7Q1MBCv2h1y61T5QaBNCHovQbJFOsxVhOSCR3VSrnzl2HAZjpIGC9eQZY-xHUnrqUrfE6yQvRqGQ7Q:U=6cbad008a0000000
.tiktok.com/	1970-01-20 21:03:29	Name: msToken Value: 9ZqwJRkQ-7uvIjuNx_wLERYuBTtKm9G__36Zqc490VDbQ9P7dfUigIoUQm4bCSGCfeEZauCKcJ2PnP2CC9DvrEVQ7vqR4yK38CyiZQ9nMbY=

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.heinz.com/en-CA Message: [Report Only] Refused to load the script 'https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net .lytics.io .customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com .hotjar.com .privacymanager.io .onetrust.com polyfill.io .bytedapm.com .ttwstatic.com www.tiktok.com .tiktokcdn-us.com .pricespider.com .swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ukwest.onetrust.com
cdn.allotta.io
cdn.fonts.net
experience.ninetailed.co
geolocation.onetrust.com
khparis2024.ca
o4504005838045184.ingest.sentry.io
res.cloudinary.com
sf16-website-login.neutral.ttwstatic.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.heinz.com
www.tiktok.com
o4504005838045184.ingest.sentry.io
173.223.163.199
173.223.163.202
23.46.156.157
2600:1408:c400:385::523
2606:4700:4400::ac40:9b77
2606:4700::6810:291c
2606:4700::6812:166b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c1b::68
2607:f8b0:4004:c1b::93
2607:f8b0:400d:c03::61
2a04:4e42:600::604
34.111.11.8
34.120.195.249
34.49.92.71
030d7d2d5ab4a1b6416ea9e05f4dbc1f5d66f54f4efc6933d8d03314c67fd0a0
143eb0466207d111b4ef0ee84cc746736fc1dfe15bade94a47ef23f0c52ad939
203e7754933db0406510bb029970caec6015b58efae2308e3254e03719410a8f
21a47f7ae5f68d098c81dca6a9baeeb5e151138ec465aa06c77bca88a82b744d
22dc26c72c5fff992ecb6350d98c48ff9555f33d5867fdd05b9306fc66aa2568
251ed8f1de16e0020dd376dd7c680b96ecd5b32e62004ca28ddb1a4b32e68e47
2667e888219b42f87e7546d948de2f36c942fbedd4ca96ae5c52ddd51565d50d
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
3450c324ccc77c337c1394efc7cb1ba35a90b891728e8bfcd124a017a1c22b50
35b50e3378253b62dccb9433cafa6c29e17948c1da7dc73d9ff474c92324b0d5
38a47f112a28751121d8096c0cdf8906f8364441eaeebaa342dba502e588b158
3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4be864707ecb79ec664eec518a6655d5f9f5d9358f61e471fe4253d5eee525e7
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
549aee2aa3f0a2176ba56ec2a0e8e871b03bea50363392c9611ee092dae79fd8
5535c82f713014869baf5ff7fa211de341f2eae294fc05e6c6ac9786d22c6c94
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
612dc12ea29f3cc3d7213ec034a0ba36bc06d5ad90f2231324078337e4f95299
636255ed3e4c59d28549c52507cfaf7639094f1fcfd8c999ac5cd9644baac9cc
66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6dcde4be61d423113da8899b1cca4fc9bbca7b339869148c65fc2bfb4799f957
7041a6c76e46c7bed26fd75072d65d91b42a24e3041e2365b68d37eaf73f94f6
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
796534e97cbd7552a0cca284780dbd626c4958d2dda032d0f3784138b085317c
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9
8b57e6f2abb1bcc7f89f46ca16b4a9f51719fe4de0f3e9c9e3966fd3834db471
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f
8d04a600ff158f257f4a6a0767487b4241951a6e237d393ebb3bf9f70754e66f
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9170bc6ca29054b4e7a48b59e8a0c95343163dce5e876ab3b61b1e32fe8f3b0b
9cfef4fd98c8704761a67bfc0eb95d3adac926b5972f7bc9b6f90ad496b51b4a
a14daf0e8fc4d267857209122973a1315ef55e5a63b7c37f4de4bc13440d94ff
a57093ee398e9f841f07cca8fc089d5ba01403820739eb7b7ac3e0792cf40c5b
a81721c05467d9c1b1907dd9c2511ff39890ef81f9f700164c37cf0e18829b66
ab49b7a85d348897b96a1fc53afb04741dd66a4df52a4ca5cb8b844f2da9d6ee
b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929
b143f033d91ffc8609136807cc4742aea96cd1f1327bd8c1e785fa72bc870c71
ba09151245c0fe7c88b0661a87aaabf65a1d8a60fb1b45e71c083f6a6818b1e3
bc47f5ca73ec24226eb41af2e1044227c50645012a8551f4a4f4043119f5b38f
c01bb9479ac12b0a466eea7b1d26de284f8daad016fe26d2710c2399d620f8be
c050395268cb6954f382b23b8aac30ce63dbe1411c6763d06a678ceab9b0b3df
c1e50a6a1d2541ae7d93d52bf33db68a9e53f1f39adaaadeb07b92754dd6dd92
c6b60c8cd87dc7c1e47793a6200c6abaaae64b23b92b2662e6a891fcbf6c6d44
cebb76038c9ca70f204c29add9ccb351beb25d68c3af955251750152b98e65ec
d00cc82ccfb01d6d4c65237b763322ad26cf13a07b34ccf30caea12cd868141e
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49
dc6350839316603317940ac60fd110d1fd7f6f46e7978f18171afdef9ead3222
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3a6819e48e60c18a968f1686328b118fa201049356d2fb2eee6d299338052
e698fc10305a573b7ae5280102b7c066cf5ffa811ecb1f58217d64a7b03a5814
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f220e6d07552063eb88b0b4e0400f299a98610c004973ef1685ff315e8e2153d
f2c47aba706362c2335b086a342d09bb88ca093687993684dc0f65ed2542d2d0
f83a3b6fd7fd59c67734e86cef175cd3df600c9d8844941f48d62ec62ab15f29
f8c696f68bb0e740959f6b74e98ea637fb946c4bdae360f3334f4d4bcc5b2a16

www.heinz.com Open in urlscan Pro 34.111.11.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

60 %IPv6

13 Domains

14 Subdomains

14 IPs

1 Countries

3880 kBTransfer

10412 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heinz.com Open in urlscan Pro
34.111.11.8 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

60 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

3880 kB
Transfer

10412 kB
Size

8
Cookies

72 HTTP transactions
1 data transactions