urlscan.io logo urlscan.io
SecurityTrails logo

samplers.heinemann.com Open in urlscan Pro
2606:2c40::c73c:671d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pull.xmr3.com/p/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
Effective URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR...
Submission: On April 13 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 2 countries across 22 domains to perform 96 HTTP transactions. The main IP is 2606:2c40::c73c:671d, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is samplers.heinemann.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2021. Valid for: a year.
This is the only time samplers.heinemann.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 137.236.223.2 27495 (OPENTEXT-...)
13 2606:2c40::c7... 209242 (CLOUDFLAR...)
2 104.105.82.187 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.84.118.4 16509 (AMAZON-02)
1 45.60.11.203 19551 (INCAPSULA)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 54.167.130.168 14618 (AMAZON-AES)
1 54.165.48.193 14618 (AMAZON-AES)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.65.226 15169 (GOOGLE)
1 99.84.42.90 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 54.230.102.38 16509 (AMAZON-02)
1 143.204.146.2 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
96 30
2    137.236.223.2 (Canada)

ASN27495 (OPENTEXT-NA-US-1, CA)
PTR: pull.xmr3.com
pull.xmr3.com
13    2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
samplers.heinemann.com
2    104.105.82.187 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-82-187.deploy.static.akamaitechnologies.com
se.monetate.net
1    2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    99.84.118.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-4.ewr52.r.cloudfront.net
cdn.blueconic.net
1    45.60.11.203 (United States)

ASN19551 (INCAPSULA, US)
www.heinemann.com
4    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
11    54.167.130.168 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-130-168.compute-1.amazonaws.com
heinemann.blueconic.net
1    54.165.48.193 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-48-193.compute-1.amazonaws.com
f.monetate.net
4    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
track.hubspot.com
10    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
9    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
5    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
3    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
www.googleadservices.com
1    99.84.42.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-90.ewr52.r.cloudfront.net
static.hotjar.com
4    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    54.230.102.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-102-38.ewr53.r.cloudfront.net
script.hotjar.com
1    143.204.146.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-2.ewr52.r.cloudfront.net
vars.hotjar.com
1    2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
551 KB
14 heinemann.com
samplers.heinemann.com
www.heinemann.com — Cisco Umbrella Rank: 194245
423 KB
12 blueconic.net
cdn.blueconic.net — Cisco Umbrella Rank: 7907
heinemann.blueconic.net — Cisco Umbrella Rank: 171839
230 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 4
83 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
45 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
853 B
4 google.ca
www.google.ca — Cisco Umbrella Rank: 8069
735 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
2 KB
4 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 6630
track.hubspot.com — Cisco Umbrella Rank: 2374
forms.hubspot.com Failed
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
288 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 621
script.hotjar.com — Cisco Umbrella Rank: 818
vars.hotjar.com — Cisco Umbrella Rank: 999
67 KB
3 monetate.net
se.monetate.net — Cisco Umbrella Rank: 6106
f.monetate.net — Cisco Umbrella Rank: 9167
56 KB
2 xmr3.com
pull.xmr3.com — Cisco Umbrella Rank: 527862
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
15 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3802
910 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
69 KB
1 hsforms.com
perf.hsforms.com — Cisco Umbrella Rank: 10616
545 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3477
3 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4472
87 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2287
35 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2289
16 KB
1 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 7374
2 KB
96 22
Domain Requested by
13 samplers.heinemann.com samplers.heinemann.com
11 heinemann.blueconic.net cdn.blueconic.net
heinemann.blueconic.net
10 www.google.com samplers.heinemann.com
www.gstatic.com
www.google.com
9 www.gstatic.com www.google.com
www.gstatic.com
7 www.google-analytics.com samplers.heinemann.com
www.google-analytics.com
www.googletagmanager.com
6 www.facebook.com samplers.heinemann.com
5 fonts.gstatic.com www.google.com
4 www.google.ca
4 connect.facebook.net samplers.heinemann.com
connect.facebook.net
3 stats.g.doubleclick.net www.google-analytics.com
3 track.hubspot.com
2 se.monetate.net samplers.heinemann.com
se.monetate.net
2 pull.xmr3.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 api.hubapi.com js.hsadspixel.net
1 www.googletagmanager.com samplers.heinemann.com
1 perf.hsforms.com samplers.heinemann.com
1 app.hubspot.com samplers.heinemann.com
1 f.monetate.net se.monetate.net
1 js.hsadspixel.net samplers.heinemann.com
1 js.hsleadflows.net samplers.heinemann.com
1 js.hs-analytics.net samplers.heinemann.com
1 js.hs-banner.com samplers.heinemann.com
1 www.heinemann.com samplers.heinemann.com
1 cdn.blueconic.net samplers.heinemann.com
1 cdn2.hubspot.net samplers.heinemann.com
0 forms.hubspot.com Failed js.hsleadflows.net
96 31

This site contains links to these domains. Also see Links.

Domain
www.heinemann.com
hein.pub
Subject Issuer Validity Valid
samplers.heinemann.com
Cloudflare Inc ECC CA-3		 2021-06-20 -
2022-06-19		 a year crt.sh
www.monetate.net
DigiCert SHA2 Secure Server CA		 2021-08-30 -
2022-08-30		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.blueconic.net
Amazon		 2021-08-07 -
2022-09-05		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-07 -
2022-09-05		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-21 -
2022-04-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.monetate.net
DigiCert SHA2 Secure Server CA		 2020-08-21 -
2022-09-28		 2 years crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Frame ID: B3D02C1BBAA6EB0D9FF5B8BE9ED4F843
Requests: 77 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Frame ID: 3ED2FD93DE75F4C85A37578B4468590D
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: E87073C61402839F0216025ABE69A8EE
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 643637AEA3678544EC9BB68E4DD210E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get Focused | Ralph Fletcher

Page URL History Show full URLs

  1. http://pull.xmr3.com/p/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html HTTP 302
    http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d... Page URL
  2. https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Anno... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

98 %
HTTPS

66 %
IPv6

22
Domains

31
Subdomains

30
IPs

2
Countries

1978 kB
Transfer

5800 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pull.xmr3.com/p/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html HTTP 302
    http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html Page URL
  2. https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pull.xmr3.com/p/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html HTTP 302
  • http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/
Redirect Chain
  • http://pull.xmr3.com/p/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
  • http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
438 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
Protocol
HTTP/1.1
Server
137.236.223.2 , Canada, ASN27495 (OPENTEXT-NA-US-1, CA),
Reverse DNS
pull.xmr3.com
Software
Apache /
Resource Hash
ba0760b79a7db5bfda654f0223e3555a70c32085fe1d85aa7c0e71e28f9c3e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Content-disposition
inline;filename=e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
Content-length
438
Date
Wed, 13 Apr 2022 17:05:15 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains

Redirect headers

Connection
Keep-Alive
Content-Length
288
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 13 Apr 2022 17:05:15 GMT
Keep-Alive
timeout=5, max=100
Location
http://pull.xmr3.com/cgi-bin/pull/DocPull/18017-F77E/589503165/e50d00f7-36f9-4bd0-b907-bf2dbf8a0d6d.html
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Primary Request get-focused
samplers.heinemann.com/ 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
48fca149d8bbfd83b2ebadca252f061a50966b50bc57f373dcbb93f1b51e4d20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://pull.xmr3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-h2-pushed
</hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>
cf-ray
6fb5c969aaf5ecf2-YUL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 17:05:28 GMT
edge-cache-tag
CT-67955911303,P-197281,L-1493687512,L-67957357421,E-426041717,PGS-ALL,SW-3,GC-31562237399
etag
W/"8eb0d88ea2ea63d656845f2297729311"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sat, 09 Apr 2022 07:17:47 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjKTzYEJMvJuWTyZLR9bL75Htrt3XmnhLPoS9abeHp8rkg1uSxb1x25m4FzBYH1MGBBjpb%2FhJ3DREj3QuS3csone0NNZloS%2Fc3rDygmj4O%2FmjCDhdlabuDrLHNxE5c2bVIfeXS63cTCuc77XKehQE0u74SA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-0s-EdgeCache-180s
x-hs-cache-control
s-maxage=14400, max-age=0
x-hs-cf-cache-status
MISS
x-hs-combine-css
Disabled
x-hs-content-campaign-id
cea39c51-f9e2-434a-b6ee-9de84e99d651
x-hs-content-id
67955911303
x-hs-hub-id
197281
x-hs-prerendered
two-phase;Sat, 09 Apr 2022 07:17:46 GMT
x-powered-by
HubSpot
index.js
samplers.heinemann.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b8c8146d6359d62410c5da0c4573717f95f8a2e79fcdf1c3ab242a70d10488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:28 GMT
via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
791469
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96bad92ecf2-YUL
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Fri, 25 Mar 2022 12:04:14 GMT
server
cloudflare
etag
W/"fabb1243bed29fd93cc5e0ce02ce9114"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czsz1XoXr6XjMVM%2BJiBC200g8kjA4T0xzFRBmav1o15%2B2C9ykKY6g5Jsd0xTlBipap7hjpQVYoX5Yyd70z14pUkwnPxTRvl2Mx6Qbn43WvfnqBR3M%2FbNnQ8kJz3j%2FA%2FUh%2Fs9YcNGSy7EMysJS2U6hwsZhqk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ye98kzU383wl95_ydpYD.3IraNY6l134
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
rmxX3Bmsd8WuvEO00BBrhMXdYTlqDySvtbZ0QFCqz0EkSRorubhzJA==
expires
Thu, 13 Apr 2023 17:05:28 GMT
project.js
samplers.heinemann.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:28 GMT
via
1.1 039b6acf310ef8fb314d9bef263bf88a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13391936
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96bad94ecf2-YUL
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B65fFgjWhUylRQPQVJelI%2BmGV0nw%2BT0%2BrUp%2F%2FDH6vp%2Brgy%2F5R5EN2cZQ39mz4MzXINgVBixyHRiyT%2FMEXgGBIpqptLiHm9it1Q%2B73FvAcVllA4JZBWVWqoL5NxEk8dJ1i25qkt4u10KqXu02IMbXj1XpwRg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-C3
content-type
application/javascript
x-amz-cf-id
L5iE3kjDJFpsME8nlR9rXLbBzDFauKmjDJZbEDO34qds18WPg0Lwag==
expires
Thu, 13 Apr 2023 17:05:28 GMT
jquery-1.7.1.js
samplers.heinemann.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:28 GMT
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30696112
cf-ray
6fb5c96bedd7ecf2-YUL
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPyTMzemSMg5447uaTIAyzlkLeHIsdWFeoUATg4a6sAooYgG8yZmJWeeDewiuJ3TT2gIpLJ%2FfhRRUdOXYv3mVlZYg7rhmm1maACoBgpaw6YYFjenvoArMyyvDEM6PJti%2BTFh%2BtLm5qfolG2ypjGAs%2Bbv7G0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
RHjZeDWqfzWlZWUM-uXhoL3jjqQfoQcxon-T6L48d-6lzXpjjwX8sw==
expires
Thu, 13 Apr 2023 17:05:28 GMT
entry.js
se.monetate.net/js/2/a-6133d6de/p/heinemann.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://se.monetate.net/js/2/a-6133d6de/p/heinemann.com/entry.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.105.82.187 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-82-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0d42be3cee8daa4c078a66b699989b4253357214e32985fdd6884a1b73494190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
last-modified
Fri, 18 Feb 2022 17:04:18 GMT
server
AkamaiNetStorage
etag
"d5b96d1d2d4a759a0cb3c212a323084d:1645203858.53715"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
4131
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1649442472735/hubspot/hubspot_default/shared/responsive/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1649442472735/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1649442472811
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
426998
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7XXTlR92TzS%2BIIL8Qio%2BnvQC2p4OzWKHtvHveOr0YjXjgOIwxbznC4KFZdt1HtlHT4WxO2TStv2wKYjNQTOcqH4ubY0zuIFiuwZ3uYZ%2FZtNk0aGirpepm3TJDiVzdm6F9B7SVk7I3gHJ14nHI0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Fri, 08 Apr 2022 18:27:53 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
6fb5c96c1e5a7150-YUL
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
Heinemann.min.css
samplers.heinemann.com/hs-fs/hub/197281/hub_generated/template_assets/426041717/1569736109506/Coded_files/Custom/page/custom-stylemanager/ 		126 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/hs-fs/hub/197281/hub_generated/template_assets/426041717/1569736109506/Coded_files/Custom/page/custom-stylemanager/Heinemann.min.css
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62356c567d761e72e332b2ca9ef33d2a43255efc0ce9acf0c86733330660c575

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:28 GMT
via
1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
3531KBNJGZ57JY4V
x-amz-id-2
U3u0ioZIXTWefCsia3cLv9Ih2SlcppepKUCL+Veo1yf/FfC6DopaU534Xmm3xDfzc9TA90/cGMY=
last-modified
Sun, 29 Sep 2019 05:48:30 GMT
server
cloudflare
etag
W/"3e6936a2c3a6fdbbce440fc867dd11c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZayvUiBnuzhdGhja5oVQkeOuAM8UuRmUT939QbsjwHdwgeex1P3BOs%2BAK0Jg8teCWM%2FCNuGiRRQgN6rXeGoiHcEoF7qIqqPPR%2B6rQh6%2Fsoq6of854jMb%2FilApracyygjoUJ11cc1Xrm%2F0qdpma2My2f5tFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
iQIhIDqnm1ZltSQqWv1ZAik3AFYV5Vv6
cf-ray
6fb5c96bedd8ecf2-YUL
x-amz-cf-id
94U6d5w72mdQl7Jd_oVHUPirbycG-PuCVb__9QSI0rrpRChL-0UccQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
landing-page-logo.png
samplers.heinemann.com/hs-fs/hubfs/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samplers.heinemann.com/hs-fs/hubfs/landing-page-logo.png?width=208&name=landing-page-logo.png
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
207ef518f270401d1379b58bc6d61548ace958a84e2830ee8ea06a75989a8e09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
edge-cache-tag
F-26015747572,P-197281,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
4417
last-modified
Tue, 18 Feb 2020 18:32:38 GMT
server
cloudflare
etag
"646e964a685b5ee33cbb473f889cbcd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwzofGAHPYCbro5EQ6lKTpWAMVNFuOKoTXZ%2FWBQFTtX4JUOnOESZ1RYs%2BxQPH9Wmh5pTN0w%2BxqiqgPso33FQvI9QxS3FpUApcoZRjxXowRAxmhY9MqoeVrVkRUivkmUfrdumw04Ueq0gks6fwNqjJTZ%2FHd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
6fb5c96cfef0ecf2-YUL
x-amz-cf-id
P0jyQfmaIWO5tXcux-iSkcYw-Y1WQwQLqQR-SJNgZdzQTBV816SqIw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
HMH-logo-white-horizontal.png
samplers.heinemann.com/hubfs/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samplers.heinemann.com/hubfs/HMH-logo-white-horizontal.png
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af0e8080f025db212df71ce7443c7a3671b69d86ec1879cf32f4e0d1a427527

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-3985016255,P-197281,FLS-ALL
age
2652
cf-polished
origFmt=png, origSize=7794
edge-cache-tag
F-3985016255,P-197281,FLS-ALL
content-disposition
inline; filename="HMH-logo-white-horizontal.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
x-amz-request-id
ZNTFEW6AZHMY1PDY
x-amz-id-2
QlwosD/iQEPauktzh25Ki7vjuWCAvbUlqRKF3B8RZqR36S034/9issu1Onn8fyRNjP4pVDDyHnY=
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
last-modified
Tue, 10 Oct 2017 12:34:39 GMT
server
cloudflare
etag
"80374802e1caed2353492464b02167f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Jrt%2FBgWv%2BnZNgjvDfqLnDjXGRDpd9dhhlqOpVG60EqY8Jx4MYhxSOmdXeQmL%2Fxiyptkdrk9nDYRYGowCHCU5cLgv6jdcJZsJlI0XpO5bGdy1%2FIsrC4uIhUBhFsECMqhYwMrzaFCVdzfa8ZBDdjj4Iy8xSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
x.PUIduCboRrD4HwUwgqOZURnruin34O
x-amz-cf-pop
JFK51-C1
content-length
4882
cf-ray
6fb5c96cfef3ecf2-YUL
x-amz-cf-id
YV44svsTJ2iG1iC2RFebNMJsWPtfTEV8sUIfxT9bsnmlu38w42P9dQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
v2.js
samplers.heinemann.com/_hcms/forms/ 		567 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/_hcms/forms/v2.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b473dd411478cf634fc14ecbb0a2a5843703188deafbeea61dbc44878f3837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
563
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96c6e62ecf2-YUL
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
content-encoding
br
last-modified
Wed, 13 Apr 2022 09:43:34 UTC
server
cloudflare
etag
W/"1322361c96fe05a55ee8d169c2c9c6b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6pTcqEWKvTmFornPdZ5GNulAV7oMvzooFTNmTrbc1VvvC4hDDPIIf85EfuYFEfe94hN904S3I%2FMLHxerebzObIIrr1Kic7JYW7C3NVYJHyJadX9I1Vi68168azn6jOVQbV8koMtXtXRQskC3Zl5qyFbXYg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
be2JG9rplxXMsxH2..5DbgP4viZLPAVm
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
UXyRFqoIyBaZT7LCnIwTNnIP3_h3g-UTzqrCDs1VQnz-gk-bHwljBQ==
x-hs-target-asset
FormsNext/static-5.475/bundles/project_with_deps.js
197281.js
samplers.heinemann.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/hs/scriptloader/197281.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48321aeac5b7b39fc157e1ab6ee78337a84a54572a310b71c16511520d7920a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
00b28fe7-b628-41e6-9f6d-b9ff95296897
last-modified
Wed, 13 Apr 2022 17:04:24 GMT
server
cloudflare
x-trace
2B6F11A95C3C8A43AA57DD2866D351ECFE6701B813000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs3blWLyzXBTwlr4bLP9PcVM6%2B6TIpeFqcp4hAgoEchWE16XcuBuonkw2VJcEwO2XRyxlYPJflttNsZ61C6wZ6mXczP6l1l3uwo%2FvnJ%2FX98Crz%2B3jcbaB1fVKsGoExbnspiCXA50b7B%2BOQ%2Bx9ecfFsNx32Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://samplers.heinemann.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6fb5c96cfef6ecf2-YUL
expires
Wed, 13 Apr 2022 17:06:29 GMT
heinemann.js
cdn.blueconic.net/ 		131 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/heinemann.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.118.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-118-4.ewr52.r.cloudfront.net
Software
- /
Resource Hash
3246cb22fe1bd21a08db38a14c8e9510e7c7f65e577ec5771165945188db5290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
76
x-cache
Hit from cloudfront
content-length
40317
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 08:26:08 GMT
server
-
etag
"20d94-5d8ab37ae9d98-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
EWR52-C3
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
khFaSknDWOpm-vyAR34wdweCHF2WjSArGsdgdmIe2D8xqgoUjguQtQ==
custom.js
se.monetate.net/js/3/a-6133d6de/p/heinemann.com/t1492692997/bad49b9958243577/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://se.monetate.net/js/3/a-6133d6de/p/heinemann.com/t1492692997/bad49b9958243577/custom.js
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-6133d6de/p/heinemann.com/entry.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.105.82.187 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-82-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
19ff96d819b8cdfbf79e45e97ea231ecbdbbe9293f69b85428f35eb620bdff95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
last-modified
Fri, 18 Feb 2022 17:04:18 GMT
server
AkamaiNetStorage
etag
"f3290642d14c4739d8385931fa3dc9ca:1645203858.076258"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
get_focused_LP.png
samplers.heinemann.com/hs-fs/hubfs/S22_LP/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samplers.heinemann.com/hs-fs/hubfs/S22_LP/get_focused_LP.png?width=945&name=get_focused_LP.png
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
890f932267d335a7640da7672b557235f305856993905c2e80a100ad0120b2f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1646845077978
date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96d2f2decf2-YUL
edge-cache-tag
F-68127023776,FD-63228431507,P-197281,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
22446
last-modified
Wed, 09 Mar 2022 16:57:59 GMT
server
cloudflare
etag
"44292770721595b1f589e0ec5639d81f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yXv4Ya0rxK5dmPHdsWK3OQdRPpxD6V%2BZU7mCN7dyA4vF0DAWZa2ypuzBY7OYldnPLyj21VYpxRBlFkV7eRKp6izP94sqR7FTDfRi1%2F7E2vbXvVoReDF5ETzz6ZrDDP5CzCIYTqCpmLPp%2BiXrAxe3A81OHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
all
x-amz-cf-id
O_KZ6h0EFUaeotPQyZhP0MdbqH2JjZ7oTCxGXt5asZvka0jq_WIb3A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
9780325135243.jpg
www.heinemann.com/shared/covers/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heinemann.com/shared/covers/9780325135243.jpg
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.203 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa7ec1c57f4ac548d6d68d9d1780f1bf79ce21358bfe60da7c2cad1cdd498604

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:04:15 GMT
last-modified
Tue, 01 Mar 2022 13:56:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"16d4734742dd81:0"
content-type
image/jpeg
access-control-allow-origin
*
x-iinfo
10-115175965-115175967 NNNY CT(13 12 0) RT(1649869528335 0) q(0 0 0 0) r(0 0) U5
accept-ranges
bytes
content-length
16667
x-cdn
Imperva
Animated_GIF_Get_Focused_Laptop_v02.gif
samplers.heinemann.com/hs-fs/hubfs/S22_LP/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samplers.heinemann.com/hs-fs/hubfs/S22_LP/Animated_GIF_Get_Focused_Laptop_v02.gif?width=600&name=Animated_GIF_Get_Focused_Laptop_v02.gif
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb15c3eae36bcdcbc040e30dd8c32f88e7bfb08d1675cc9591e4066cdecb7b9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1646686045428
date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96d2f30ecf2-YUL
edge-cache-tag
F-67957888293,FD-63228431507,P-197281,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
155496
last-modified
Mon, 07 Mar 2022 20:47:26 GMT
server
cloudflare
etag
"2aa8620ec909f7b8e68209c8882d78a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wkdyabya9Pk0mNNujEmM4E01h5PZw0Iypc6z9HHK0Usz6oigO5Bfmj7yBYqTpFWtS9npwEnYsLcoGwkYfejYaYS9T3CUaka1vfo4NK0a9BGlYhIJhvi14CMmiuSfZkS9VnOzct1%2BwcSbJLTk4UBWRBpQJyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
all
x-amz-cf-id
FmuCdyXD3mCGxHF_4CMZxIBwZ1GgS64nwtH7OWlq4dybmdYzSFoLSQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
9a4b4fdd-b04c-4ffc-b60a-c78083f2402a
samplers.heinemann.com/_hcms/forms//embed/v3/form/197281/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/_hcms/forms//embed/v3/form/197281/9a4b4fdd-b04c-4ffc-b60a-c78083f2402a?callback=hs_reqwest_0&hutk=
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fced198b518bb50fec65fd07afd1745ad209e719b5a18ab3e58034174d7f4b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-origin-hublet
na1
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f999f112-ff13-4dcc-af12-61beff9a927c
cf-ray
6fb5c96d6f6aecf2-YUL
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
server
cloudflare
x-trace
2B85EFDC0D18D76E5D19F55C0DB55002A5BA71F12A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G83WwQ52I%2B1yBePi%2BGoI6ZWrOorJ9g6HEJpBlNUTYYUx4%2B8uyOCIpsn9%2BF1Crq4NPWHktIYpau270obgxqWFKoY%2Bx3TJ9C2O%2F6zw7cjtSFqIbZ3A304wBP0%2BpY1UAQVbORUsdQ3MGLJjuuoYm%2BVfinvSM4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
+y0tn5OX54wOaQ6zpEqBzdVwwNo4GuVFQW9vxwgSRqznzJ59utmBQbJ+FbA0z1O9TJKi5OxMLXdSUDmo3pjyPA==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Wed, 13 Apr 2022 17:05:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
197281.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/197281.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/hs/scriptloader/197281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d220273a6c4b62af124e4c4122d21d44019f19b37cdb472de0c0cff89f35d18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
59KAWJ2950N831PS
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
4xZ4L8aiBfPRXTsH5pMsgIsxGsDDxfCq7JDv3E7wh9NkDQXIEpg8GbUii47wviqaWK5/EJ2snn0=
timing-allow-origin
*
last-modified
Thu, 31 Mar 2022 03:21:59 GMT
server
cloudflare
etag
W/"eb6566da582f23bf031df8c78769c168"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
eJGFhadk9OHeLGxhOcgfaPMTswILi4CQ
access-control-allow-origin
https://www.heinemann.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6fb5c96daced7151-YUL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 13 Apr 2022 17:09:00 GMT
197281.js
js.hs-analytics.net/analytics/1649869500000/ 		181 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1649869500000/197281.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/hs/scriptloader/197281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5095258faf3389c60bd2d8fec487f62396d4965f34ad3838af8404d1445a3fbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
GEZ9TMBSAWW2HF72
x-amz-server-side-encryption
AES256
cf-ray
6fb5c96d9cc3713e-YUL
x-amz-id-2
b6KDeYwslilTP3v3VgdZXEtWHdBXbF1BsCAsTyFPQWvaX+WO4UzpL+5UOU0VG/7qsyjXObsZZrY=
last-modified
Tue, 05 Apr 2022 14:52:34 GMT
server
cloudflare
etag
W/"b8650c4bbcaec428d49f57cf1692838a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Wed, 13 Apr 2022 17:10:29 GMT
leadflows.js
js.hsleadflows.net/ 		534 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/hs/scriptloader/197281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Origin
https://samplers.heinemann.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 b9d1b307966c2273bf97ed7c681603da.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
10170
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=6fb4d125c96e4bbe-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6fb5c96da9ccecfa-YUL
last-modified
Tue, 01 Mar 2022 09:57:40 UTC
server
cloudflare
etag
W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
sDdOSXqBxZtuZ0WRTG4uwNCsDjXzfAVAF76vjMBGDpOQ9Hcz4AVgtA==
x-hs-target-asset
lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/hs/scriptloader/197281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b380fd1d4be3f96d60c906fe1d99eab6889bde30237970cc89c594a046512d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
via
1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
84
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.271/bundles/pixels-release.js&cfRay=6fa37ea09deb53dd-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 11 Apr 2022 11:48:33 UTC
server
cloudflare
etag
W/"47b0b7b18e1503375b291cc1b7c74b23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
lX12pg97aZ6nFxI20fZrV3YZQA5q.sWB
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6fb5c96da952ca53-YUL
x-amz-cf-id
D5h366qITfiOheDtay2HNwmQLm2QWH4FfyaJThTloxueY5I4A2neUA==
x-hs-target-asset
adsscriptloaderstatic/static-1.271/bundles/pixels-release.js
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		85 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A29%2B00%3A00&ts=1649869529207
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
7e0cc136f27abbe998e79a6bd198d6930fc69ea99b491afdf127eac9194e5772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10415
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
83804104-0
f.monetate.net/trk/4/s/a-6133d6de/p/heinemann.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://f.monetate.net/trk/4/s/a-6133d6de/p/heinemann.com/83804104-0?mr=t1492692997&mi=%272.1146934261.1649869529097%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=HubSpot-Samplers-Subdomain&r=%27http://pull.xmr3.com/%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://samplers.heinemann.com/get-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR%27&fl=!f&hvc=!t&eoq=!t
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-6133d6de/p/heinemann.com/t1492692997/bad49b9958243577/custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.48.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-48-193.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=197281&callback=jsonpHandler
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
5df6e8a5-7a49-4ae2-b576-c478c44a2e0d
x-trace
2BEE66D1979907BE52AFDD4223897C0430B3468619000000000000000000
date
Wed, 13 Apr 2022 17:05:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
6fb5c96ddcfbecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
enterprise.js
www.google.com/recaptcha/ 		1008 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a291bd34fd4ae9447344c42523ed0daf871ce0cb3fc823a552376cf6cabf6513
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 17:05:29 GMT
940171109376247
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/940171109376247?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0695d0e7d2fbe8b5504c1fb5a45a63dee5ab23de61738ec62919e0607b880e02
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89219
x-xss-protection
0
pragma
public
x-fb-debug
ExslAVh2RBbX53LT92G6WXhmwhcxZXnLv7DMFraBw9yFdVDYtUZmrIJIr+7yPZXZX2NopHbTMa2pIR6fLaObPQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 13 Apr 2022 17:05:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
91cc9a258a14e71d587db9bc5b7269fb
heinemann.blueconic.net/plugin/plugin/ 		186 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/plugin/plugin/91cc9a258a14e71d587db9bc5b7269fb
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
1a8dc7293a407ffbe94bfc946a4bd673106aa49400bc4e7acf3f0cbe05d60ff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 17:05:29 GMT
server
-
etag
91cc9a258a14e71d587db9bc5b7269fb
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
45389
x-xss-protection
1; mode=block
expires
Thu, 13 Apr 2023 17:05:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Origin
https://samplers.heinemann.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 13:08:57 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=940171109376247&ev=PageView&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869529370&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&rqm=GET
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 13 Apr 2022 17:05:29 GMT
20612b4eefab67c6e8c78c3991cfab01
heinemann.blueconic.net/plugin/library/ 		415 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/plugin/library/20612b4eefab67c6e8c78c3991cfab01
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
b1d6fce6a0f552bda0a9a95f9d44196215bbc0bd1602ebd9256f6595cfaba21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 17:05:29 GMT
server
-
etag
20612b4eefab67c6e8c78c3991cfab01
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
128130
x-xss-protection
1; mode=block
expires
Thu, 13 Apr 2023 17:05:29 GMT
LB-Zone-2
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312/LB-Zone-2?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=&bctempid=271f9915-9f47-4ebb-ae6e-714803bd5edd&overruleReferrer=&time=2022-04-13T17%3A05%3A29%2B00%3A00&ts=1649869529395
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
577bae50985c9b061220ffacdebc3bd76b2b0770511991fedbf643b79bb2ac45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1106
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
heinemann.blueconic.net/DG/DEFAULT/ 		66 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/cs?bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&&callback=bc_json313
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
efc49223047acfa13ee73453bed50b6ad405faf627e6b0727953f88e63c49c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
heinemann.blueconic.net/rest/custom/frontend/listener_geofencing/ 		2 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/rest/custom/frontend/listener_geofencing/events?profileId=271f9915-9f47-4ebb-ae6e-714803bd5edd&itemId=b86f4711-6688-4cb7-ac78-bf7fd0f9a2a3&latitude=45.4995&longitude=-73.5848
Requested by
Host: heinemann.blueconic.net
URL: https://heinemann.blueconic.net/plugin/plugin/91cc9a258a14e71d587db9bc5b7269fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		373 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A29%2B00%3A00&ts=1649869529511
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
f95c57d7a7b9e77e07ae94e0b4a8837bc7e62ed2524d00c17413b3d8fa77e683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
176
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		187 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A29%2B00%3A00&ts=1649869529512
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
60079aa14b57c975985e4e342e397ea3ae7f677db676b0d8d9517b566c9271b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
167
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 3ED2 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
58cbd44ccca0a690dc8debb6b40106971f53500b38afbb943cbc227b9abc6a2d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3lijpz3VbuF7lpIDVfwvBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22711
content-security-policy
script-src 'report-sample' 'nonce-3lijpz3VbuF7lpIDVfwvBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 17:05:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=197281
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
f1b3e998-ae33-4829-aeef-3f49e769274c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
last-modified
Wed, 13 Apr 2022 17:05:29 GMT
server
cloudflare
x-trace
2B62DC6E41BD5C05F3F32A0E29879306F534E881EA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
6fb5c96fe8fa4bd0-YUL
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 3ED2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 00:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 00:19:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 3ED2 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 13:08:57 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3ED2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 13:59:43 GMT
x-content-type-options
nosniff
age
356746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 16 Apr 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3ED2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
90338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 15:59:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3ED2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 07:04:51 GMT
x-content-type-options
nosniff
age
122438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 07:04:51 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 3ED2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zYW1wbGVycy5oZWluZW1hbm4uY29tOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&badge=inline&cb=dowaw8b01scl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 17:05:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1293
date
Wed, 13 Apr 2022 16:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Apr 2022 18:43:56 GMT
gtm.js
www.googletagmanager.com/ 		196 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GMPBB6
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c92da32a1c55d9843bfafa955704dffa08ab1630e9e3cbe6d255d33a3e421d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70552
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Apr 2022 17:05:29 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		75 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=197281
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b63fb2b97dcece12c775c9df15d951467a93302f127f5e53c007ebd5e24b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
e29b8aa0-9561-4826-933a-25b8032c1154
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B67FABEC4606394BC8AACE82266D7A9494BAA2BAA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08fRW6UqtOkJnrnm7Z3cf4iGJt9RMw25nc3bM15RrI14IzNkEaStO6nLRDjECAPjB0IaVmTwQRD%2BYcM6NJE6XFGmplmfGNTca0JEn42MRxwnMkGYB1oRrEVJKKmib4k6HDNjSuQXAbaXe5rr"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://samplers.heinemann.com
access-control-allow-credentials
false
cf-ray
6fb5c971d86decf6-YUL
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=9a4b4fdd-b04c-4ffc-b60a-c78083f2402a&fci=c78271b4-c217-4bc3-94ce-dc2563fc4b5d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=197281&pi=67955911303&ct=landing-page&ccu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused&cpi=67955911303&lpi=67955911303&lvi=67955911303&lvc=en&tc=67955867402-67955867403-7&r=http%3A%2F%2Fpull.xmr3.com%2F&pu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&t=Get+Focused+%7C+Ralph+Fletcher&cts=1649869529875&vi=3e1278dd8d9202d85d52680d586588e4&nc=true&u=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&b=140855213.1.1649869529870&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9cf9d5f8-c19b-4e39-bd30-68ddbc6ec257
cf-ray
6fb5c971e8e5ecee-YUL
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAngsMqCmFL5eu%2B97wKchRvxqVFvW%2FaCPy6dHbQmZyVIpM8avarwb88Vzu5VUSSNsfsi34iJxQS%2FDoLAezqQZCCg0e2oek6Vfqpix7LcRUBuEG0Q64hXScLeJMjz7tHyxE7JJwxfQTvOnLGstNKW"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=9a4b4fdd-b04c-4ffc-b60a-c78083f2402a&fci=c78271b4-c217-4bc3-94ce-dc2563fc4b5d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=197281&pi=67955911303&ct=landing-page&ccu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused&cpi=67955911303&lpi=67955911303&lvi=67955911303&lvc=en&tc=67955867402-67955867403-7&r=http%3A%2F%2Fpull.xmr3.com%2F&pu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&t=Get+Focused+%7C+Ralph+Fletcher&cts=1649869529879&vi=3e1278dd8d9202d85d52680d586588e4&nc=true&u=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&b=140855213.1.1649869529870&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9814763a-0a9d-4117-865a-99670856096f
cf-ray
6fb5c971e8e6ecee-YUL
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OzmYLeTFHSX9XJ7KY1aLluhDyUSfwkumtFdUXK8fbQ6uIdoGbzzM34IRBMgB2wwzU9szwoCnckwyK9MMj266g1MRG1Du2te8VQZYXUQodhvTS24AbyGZTGKnS55YqEx%2Fc0wcJAoSKdp2g9udmNn"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=197281&pi=67955911303&ct=landing-page&ccu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused&cpi=67955911303&lpi=67955911303&lvi=67955911303&lvc=en&tc=67955867402-67955867403-7&r=http%3A%2F%2Fpull.xmr3.com%2F&pu=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&t=Get+Focused+%7C+Ralph+Fletcher&cts=1649869529881&vi=3e1278dd8d9202d85d52680d586588e4&nc=true&u=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&b=140855213.1.1649869529870&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f10b3bd7-7564-4b52-884f-eb954638dfa1
cf-ray
6fb5c971e8e7ecee-YUL
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7Sv52od0fuJx%2B3eq4hEmoJMGhYOwI4MEop1enJvG9JJSFY%2FP9iEOiBLPKLqwJCuildrx%2BZqNizLN2tF8wGR3NzpOkUteuMmOlhOWDXq0lIIV2hZfGuLkqfUMkJjA3rXR5BD9SxmFlq4gy%2FTQHLh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
bframe
www.google.com/recaptcha/enterprise/ Frame E870 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09f7f400ac67a7b84d6c2b0739abe75e29f659781ec5d0e423e6e34a54d18434
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tG39oUMTDXiruK+neTRhfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-tG39oUMTDXiruK+neTRhfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 17:05:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=940171109376247&ev=Microdata&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869529900&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22meta%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%2C%22og%3Atitle%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 17:05:29 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/ 		0
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame E870 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 00:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 00:19:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame E870 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 13:08:57 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1303988187&t=pageview&_s=1&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&dr=http%3A%2F%2Fpull.xmr3.com%2F&ul=en-us&de=UTF-8&dt=Get%20Focused%20%7C%20Ralph%20Fletcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1227680585&gjid=79890177&cid=203570610.1649869530&tid=UA-7464552-1&_gid=741153312.1649869530&_r=1&_slc=1&z=558085977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
2698219957145679
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2698219957145679?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af94966556e71cdaa2d09798826a3024697c97de1d21b9e813456e2eac7393ed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89199
x-xss-protection
0
pragma
public
x-fb-debug
gwC0kP1ze5s1EPvelAzvu/MWxPVkfwc34akjoaheRbapwTXvBZ5/aaOFIG/EbNKPYbhZOsQaVobQVknHltkxQQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Apr 2022 17:05:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=1227680585&gjid=79890177&_gid=741153312.1649869530&_u=IEBAAEAAAAAAAC~&z=1144568339
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Apr 2022 17:05:30 GMT
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1303988187&t=pageview&_s=1&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&dr=http%3A%2F%2Fpull.xmr3.com%2F&ul=en-us&de=UTF-8&dt=Get%20Focused%20%7C%20Ralph%20Fletcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=134226132&gjid=1769907233&cid=203570610.1649869530&tid=UA-7464552-1&_gid=741153312.1649869530&_r=1&gtm=2wg4605GMPBB6&z=734422935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics_debug.js
www.google-analytics.com/u/ 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/u/analytics_debug.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GMPBB6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7fd7b12c28058e709429faff256ac16be20c06e89d328381e2db43877a7fc555
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 16:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2325
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25352
expires
Wed, 13 Apr 2022 18:26:45 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GMPBB6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
58458c9c39d176d9adc253f615f6d5d6929025f079b9cea6da5ff75b78412fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14891
x-xss-protection
0
server
cafe
etag
15578940072733390615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 17:05:30 GMT
hotjar-1696046.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1696046.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GMPBB6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-90.ewr52.r.cloudfront.net
Software
/
Resource Hash
d0abedcaade1f4a4e393361484fa3c97b4f1b7664a428df5c5417fbf6ab2ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
48
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1914
access-control-allow-origin
*
cache-control
max-age=60
etag
W/fbb0465439a7565c0ebcdb22d3337591
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 fd1b0d50927ebc133be8d4d72e17af24.cloudfront.net (CloudFront)
x-cache-hit
1
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
hsR58GHFanMIDr5QW91d6PyU8uNIW4xd-H0f1vfXvHCKMxwONSwI7Q==
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		187 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A30%2B00%3A00&ts=1649869530111
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
fc48548bb995c281b3ab6f56029923218df05cdfc3a49506807ff7c03c0f3f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
166
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		187 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A30%2B00%3A00&ts=1649869530112
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
ca70c5161c99af3a27cb2c5cb7a8941c3c731e1d45f23e4611bec06d9b2b7fa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
167
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1303988187&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&dr=http%3A%2F%2Fpull.xmr3.com%2F&ul=en-us&de=UTF-8&dt=Get%20Focused%20%7C%20Ralph%20Fletcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blueconic&ea=connection&el=dimensions&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=203570610.1649869530&tid=UA-7464552-1&_gid=741153312.1649869530&gtm=2wg4605GMPBB6&cd8=271f9915-9f47-4ebb-ae6e-714803bd5edd&cd9=PERSONAL&z=1767842879
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 04:24:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45678
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1303988187&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&dr=http%3A%2F%2Fpull.xmr3.com%2F&ul=en-us&de=UTF-8&dt=Get%20Focused%20%7C%20Ralph%20Fletcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blueconic&ea=connection&el=metric&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=203570610.1649869530&tid=UA-7464552-1&_gid=741153312.1649869530&gtm=2wg4605GMPBB6&z=791338889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 04:24:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45678
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
reload
www.google.com/recaptcha/enterprise/ Frame E870 		38 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3dda0a106a84596b0a4257d2d0c3b896ebe6d2f2d8f27739b0d8f500744a86a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23570
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 17:05:30 GMT
1590877407891455
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1590877407891455?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a763944a1f2ac50079dcd179566ed250c8ebbc9a3483080bda2bd2c2832efde
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89147
x-xss-protection
0
pragma
public
x-fb-debug
zpoZw6ngqeQcA6pt7uoUcMAt2/5wegVES+G4zGX2GUSWhPCk01L/RNy/WCNj9ymT3MSGuAoCKVUrMED7Xg1zTw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Apr 2022 17:05:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2698219957145679&ev=PageView&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869530135&sw=1600&sh=1200&ud[external_id]=3e1278dd8d9202d85d52680d586588e4&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 17:05:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=134226132&gjid=1769907233&_gid=741153312.1649869530&_u=aEDAAEABAAAAAC~&z=1352140387
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Apr 2022 17:05:30 GMT
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1303988187&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&dr=http%3A%2F%2Fpull.xmr3.com%2F&ul=en-us&de=UTF-8&dt=Get%20Focused%20%7C%20Ralph%20Fletcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Scroll&_u=aEHAAEABAAAAAC~&jid=1251344016&gjid=1577063397&cid=203570610.1649869530&tid=UA-120142702-2&_gid=741153312.1649869530&_r=1&gtm=2wg4605GMPBB6&z=700233358
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=1227680585&_u=IEBAAEAAAAAAAC~&z=352414892
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=1227680585&_u=IEBAAEAAAAAAAC~&z=352414892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1696046.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-38.ewr53.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
22584
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Nk7S4jDk8rZdH9cvFnQ36auYpxHMI9NAgNX48QbqlZlfbnxbBHWBLQ==
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1590877407891455&ev=PageView&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869530182&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 17:05:30 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=134226132&_u=aEDAAEABAAAAAC~&z=1690623673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7464552-1&cid=203570610.1649869530&jid=134226132&_u=aEDAAEABAAAAAC~&z=1690623673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120142702-2&cid=203570610.1649869530&jid=1251344016&gjid=1577063397&_gid=741153312.1649869530&_u=aEHAAEABAAAAAC~&z=535926039
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Apr 2022 17:05:30 GMT
content-type
text/plain
access-control-allow-origin
https://samplers.heinemann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 6436 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1696046.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-2.ewr52.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
22584
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
x-amz-cf-id
XYIvA7NJN4OmnBBSlLmwhv20g50HTkS5rJXhbZvs5qxnyOiXClnV6g==
x-amz-cf-pop
EWR52-C2
x-cache
Hit from cloudfront
x-robots-tag
none
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964873648/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964873648/?random=1649869530242&cv=9&fst=1649869530242&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&ig=1&data=event%3Dgtm.js&frm=0&url=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&ref=http%3A%2F%2Fpull.xmr3.com%2F&tiba=Get%20Focused%20%7C%20Ralph%20Fletcher&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad4ef6cdec03a925c96109f724eb7eaadb31398d8bffad469c58a8dceb64d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1135
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E870 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:41:16 GMT
x-content-type-options
nosniff
age
595454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 13 Apr 2022 19:41:16 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E870 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:30:19 GMT
x-content-type-options
nosniff
age
549311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 14 Apr 2022 08:30:19 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E870 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:30:23 GMT
x-content-type-options
nosniff
age
549307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 14 Apr 2022 08:30:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E870 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
90339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 15:59:51 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E870 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 01:45:57 GMT
x-content-type-options
nosniff
age
227973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Apr 2023 01:45:57 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E870 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 07:04:51 GMT
x-content-type-options
nosniff
age
122439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 07:04:51 GMT
payload
www.google.com/recaptcha/enterprise/ Frame E870 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq24Py8XVLPyDW-ATYAOqjyKKsX6sViy1YXJMwN5qI8tiErmFVwjEU2F6-gensMjzM00gsIx6ASnbYOi8buK9GRynHXQO-gk-cj6yHfhy8ThgUODitxb9ORz4Ff5hTU8b4MUZTxcoC_1LgQ-mNOFTA-2fgekZUWXRA9A-vyqhPngCfcwfsyySYxjy1PBtdfeqQ3P7BLlrmFBQHqaFlKWat2PpBUILQw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5efb984c9c77de53166c783b0358aaef572e71f29b1bc8de3579e76f8a653e88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36367
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 17:05:30 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120142702-2&cid=203570610.1649869530&jid=1251344016&_u=aEHAAEABAAAAAC~&z=1423756842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120142702-2&cid=203570610.1649869530&jid=1251344016&_u=aEHAAEABAAAAAC~&z=1423756842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964873648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964873648/?random=1649869530242&cv=9&fst=1649869200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&data=event%3Dgtm.js&frm=0&url=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&ref=http%3A%2F%2Fpull.xmr3.com%2F&tiba=Get%20Focused%20%7C%20Ralph%20Fletcher&async=1&fmt=3&is_vtc=1&random=1623498069&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/964873648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/964873648/?random=1649869530242&cv=9&fst=1649869200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&data=event%3Dgtm.js&frm=0&url=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&ref=http%3A%2F%2Fpull.xmr3.com%2F&tiba=Get%20Focused%20%7C%20Ralph%20Fletcher&async=1&fmt=3&is_vtc=1&random=1623498069&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2698219957145679&ev=Microdata&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869530637&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22meta%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%2C%22og%3Atitle%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=3e1278dd8d9202d85d52680d586588e4&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 17:05:30 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1590877407891455&ev=Microdata&dl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&rl=http%3A%2F%2Fpull.xmr3.com%2F&if=false&ts=1649869530684&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22meta%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Check%20out%20a%20sample%20video%20and%20lesson%20of%20Get%20Focused%20by%20Ralph%20Fletcher.%20Heinemann%20Publishing%22%2C%22og%3Atitle%22%3A%22Get%20Focused%20%7C%20Ralph%20Fletcher%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649869529369.1896053450&it=1649869529304&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:05:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 17:05:30 GMT
312
heinemann.blueconic.net/DG/DEFAULT/rest/rpc/ 		187 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.blueconic.net/DG/DEFAULT/rest/rpc/312?referer=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR&bcsessionid=271f9915-9f47-4ebb-ae6e-714803bd5edd&bctempid=&overruleReferrer=&time=2022-04-13T17%3A05%3A31%2B00%3A00&ts=1649869531114
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/heinemann.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-130-168.compute-1.amazonaws.com
Software
- /
Resource Hash
4cfe19c6a4fdc294b12512427e30bbe5eafb89fdf86e0f9e07b098ddee70a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 17:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://samplers.heinemann.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
166
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
perf
samplers.heinemann.com/_hcms/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samplers.heinemann.com/_hcms/perf
Requested by
Host: samplers.heinemann.com
URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

cf-ray
6fb5c984799eecf2-YUL
date
Wed, 13 Apr 2022 17:05:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
a7748499-fc9f-461e-86ec-2fe937b05444
x-trace
2BBB4C35B04E42BC3A772ED96012D0FD60D406B0E4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWAYbXNcyoH%2FBNtfSBkJp17HJxSJvxCLjy3eTY5rfmS%2FJCHeQ3W7qHPBSh2F1yj43SdvoVxcDQF0K8iw1NRRDA7aUqAfz874%2Fi%2Fn2oUCEFgLNzAPqX5498Udn8ULXtBtfPEtZVZEOQYoEC6um0%2FzSvQL%2BIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
content-length
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.hubspot.com
URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=197281&utk=3e1278dd8d9202d85d52680d586588e4&__hstc=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&__hssc=140855213.1.1649869529870&referrer=http%3A%2F%2Fpull.xmr3.com%2F&contentId=67955911303&currentUrl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| hsjQuery object| _hsp function| hsLoadGtm boolean| useGoogleConsentMode undefined| gtag number| monetateT object| monetate object| monetateQ object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React function| OutpostErrorReporter function| hmerge undefined| ReactDOM undefined| require undefined| requirejs undefined| module undefined| bootstrap object| options object| HSFR object| _hsq function| hs_reqwest_0 function| fbq function| _fbq object| blueConicPreListeners function| BCClass object| blueConicClient function| jsonpHandler boolean| PIXELS_RAN function| hsRecaptchaLoadCallback number| RECAPTCHA_INTERVAL boolean| _hspb_loaded function| defineProperties object| leadflows boolean| popupPoliceActive function| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Mustache function| BlueConicMetaDataService object| _bcp object| bc object| justDetectAdblock function| FormRuleService function| RuleService function| BlueConicEngagement object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 object| jsonpath object| recaptcha object| closure_lm_159966 object| bc_json313 string| GoogleAnalyticsObject function| ga object| dataLayer boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

31 Cookies

Domain/Path Name / Value
heinemann.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 271f9915-9f47-4ebb-ae6e-714803bd5edd
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOc_TXeePMxbx1SxXGLfDCifdIqFbkwWovY-jq3TLFPuvSGH7O4SHu-B9Kvznb-q9Qgx7F2frG7WGoTPWhdpMxw
.samplers.heinemann.com/ Name: __cfruid
Value: 5e8d7175aac591f1305d99ed9015fd4be526da19-1649869528
.heinemann.com/ Name: mt.v
Value: 2.1146934261.1649869529097
www.heinemann.com/ Name: BNI_persistence
Value: 00000000000000000000000098e0580a00000000
.heinemann.com/ Name: visid_incap_2118990
Value: mEyLePcjS8u31AIhtgEQkdgCV2IAAAAAQUIPAAAAAACebk3C6bsBAQ9HYRFs6C77
.heinemann.com/ Name: nlbi_2118990
Value: aqJkPn4GT1J2zPAOigwkfgAAAAAZdUkR0hrv7B9JUMN7cm6N
.heinemann.com/ Name: incap_ses_1458_2118990
Value: xOSWJNv8NSH2QiHMgNs7FNgCV2IAAAAAPhQ1xduTVJLbOH6Q1qcfhw==
.hubspot.com/ Name: __cf_bm
Value: NF9qJoUq7n1W.NudXYMoxNZIEQ4hPy_6U5v7a7A0TME-1649869529-0-AXidZkr3D2yvgN9ckgjadRjGn2LFN3K2FUxy41ToqBpmTCcgnFjMweLGOVQNDkOs6Mk1PTYHk/6/oFb2IAadHBE=
.heinemann.com/ Name: _fbp
Value: fb.1.1649869529369.1896053450
.facebook.com/ Name: fr
Value: 0rsFivZoRAnkpSPqB..BiVwLZ...1.0.BiVwLZ.
.heinemann.com/ Name: BCSessionID
Value: 271f9915-9f47-4ebb-ae6e-714803bd5edd
.heinemann.com/ Name: __hstc
Value: 140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1
.heinemann.com/ Name: hubspotutk
Value: 3e1278dd8d9202d85d52680d586588e4
.heinemann.com/ Name: __hssrc
Value: 1
.heinemann.com/ Name: __hssc
Value: 140855213.1.1649869529870
.heinemann.com/ Name: _ga
Value: GA1.2.203570610.1649869530
.heinemann.com/ Name: _gid
Value: GA1.2.741153312.1649869530
.heinemann.com/ Name: _gat
Value: 1
.heinemann.com/ Name: _gcl_au
Value: 1.1.1906500485.1649869530
.heinemann.com/ Name: _gat_UA-7464552-1
Value: 1
.samplers.heinemann.com/ Name: _ga
Value: GA1.3.203570610.1649869530
.samplers.heinemann.com/ Name: _gid
Value: GA1.3.741153312.1649869530
.heinemann.com/ Name: _gat_UA-120142702-2
Value: 1
.heinemann.com/ Name: _hjSessionUser_1696046
Value: eyJpZCI6ImNmMWI1OGVhLWU0OGQtNWFkZC04YWI1LTQwZWY3YTQ2MmQ2MiIsImNyZWF0ZWQiOjE2NDk4Njk1MzAzMDksImV4aXN0aW5nIjpmYWxzZX0=
.heinemann.com/ Name: _hjFirstSeen
Value: 1
samplers.heinemann.com/ Name: _hjIncludedInSessionSample
Value: 1
.heinemann.com/ Name: _hjSession_1696046
Value: eyJpZCI6Ijc4NGEzOWNiLTk2NTktNDEwZS1iYjlmLTNiNmM2ZDY0OTlkZCIsImNyZWF0ZWQiOjE2NDk4Njk1MzAzMjgsImluU2FtcGxlIjp0cnVlfQ==
.heinemann.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
heinemann.blueconic.net/ Name: AWSALBCORS
Value: OY7SuYy4tmMlvXqsIhf7cCy1+amv7q4kOgFeOCe8Q7m5LfGWU+XMEBUXokgHTo7l0lf7IA9DyVzxBpAdGItY/ksQQAwgBBC0APyyIvo4dAylOAJn+K6Vt91WcmqV

3 Console Messages

Source Level URL
Text
network error URL: https://f.monetate.net/trk/4/s/a-6133d6de/p/heinemann.com/83804104-0?mr=t1492692997&mi=%272.1146934261.1649869529097%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=HubSpot-Samplers-Subdomain&r=%27http://pull.xmr3.com/%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://samplers.heinemann.com/get-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR%27&fl=!f&hvc=!t&eoq=!t
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript error URL: https://samplers.heinemann.com/get-focused?utm_source=mdr&utm_medium=email&utm_content=22_04_11_S22_PB_Announce_Get_Focused_MDR&utm_campaign=Get_Focused_MDR
Message:
Access to XMLHttpRequest at 'https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=197281&utk=3e1278dd8d9202d85d52680d586588e4&__hstc=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&__hssc=140855213.1.1649869529870&referrer=http%3A%2F%2Fpull.xmr3.com%2F&contentId=67955911303&currentUrl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR' from origin 'https://samplers.heinemann.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=197281&utk=3e1278dd8d9202d85d52680d586588e4&__hstc=140855213.3e1278dd8d9202d85d52680d586588e4.1649869529870.1649869529870.1649869529870.1&__hssc=140855213.1.1649869529870&referrer=http%3A%2F%2Fpull.xmr3.com%2F&contentId=67955911303&currentUrl=https%3A%2F%2Fsamplers.heinemann.com%2Fget-focused%3Futm_source%3Dmdr%26utm_medium%3Demail%26utm_content%3D22_04_11_S22_PB_Announce_Get_Focused_MDR%26utm_campaign%3DGet_Focused_MDR
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
app.hubspot.com
cdn.blueconic.net
cdn2.hubspot.net
connect.facebook.net
f.monetate.net
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
heinemann.blueconic.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
perf.hsforms.com
pull.xmr3.com
samplers.heinemann.com
script.hotjar.com
se.monetate.net
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.heinemann.com
forms.hubspot.com
104.105.82.187
137.236.223.2
142.250.65.226
143.204.146.2
2606:2c40::c73c:671d
2606:4700::6810:5905
2606:4700::6811:47b0
2606:4700::6811:74b0
2606:4700::6811:cbcc
2606:4700::6811:e6cc
2606:4700::6811:f4cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2607:f8b0:4004:c08::9c
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2003
2607:f8b0:4006:809::2003
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
45.60.11.203
54.165.48.193
54.167.130.168
54.230.102.38
99.84.118.4
99.84.42.90
0695d0e7d2fbe8b5504c1fb5a45a63dee5ab23de61738ec62919e0607b880e02
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09f7f400ac67a7b84d6c2b0739abe75e29f659781ec5d0e423e6e34a54d18434
0af0e8080f025db212df71ce7443c7a3671b69d86ec1879cf32f4e0d1a427527
0d42be3cee8daa4c078a66b699989b4253357214e32985fdd6884a1b73494190
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19ff96d819b8cdfbf79e45e97ea231ecbdbbe9293f69b85428f35eb620bdff95
1a8dc7293a407ffbe94bfc946a4bd673106aa49400bc4e7acf3f0cbe05d60ff7
1b380fd1d4be3f96d60c906fe1d99eab6889bde30237970cc89c594a046512d9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
207ef518f270401d1379b58bc6d61548ace958a84e2830ee8ea06a75989a8e09
3246cb22fe1bd21a08db38a14c8e9510e7c7f65e577ec5771165945188db5290
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
3dda0a106a84596b0a4257d2d0c3b896ebe6d2f2d8f27739b0d8f500744a86a1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
48321aeac5b7b39fc157e1ab6ee78337a84a54572a310b71c16511520d7920a3
48fca149d8bbfd83b2ebadca252f061a50966b50bc57f373dcbb93f1b51e4d20
4c92da32a1c55d9843bfafa955704dffa08ab1630e9e3cbe6d255d33a3e421d9
4cfe19c6a4fdc294b12512427e30bbe5eafb89fdf86e0f9e07b098ddee70a7a1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5095258faf3389c60bd2d8fec487f62396d4965f34ad3838af8404d1445a3fbd
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577bae50985c9b061220ffacdebc3bd76b2b0770511991fedbf643b79bb2ac45
58458c9c39d176d9adc253f615f6d5d6929025f079b9cea6da5ff75b78412fdb
58cbd44ccca0a690dc8debb6b40106971f53500b38afbb943cbc227b9abc6a2d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5efb984c9c77de53166c783b0358aaef572e71f29b1bc8de3579e76f8a653e88
60079aa14b57c975985e4e342e397ea3ae7f677db676b0d8d9517b566c9271b6
62356c567d761e72e332b2ca9ef33d2a43255efc0ce9acf0c86733330660c575
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d220273a6c4b62af124e4c4122d21d44019f19b37cdb472de0c0cff89f35d18
7e0cc136f27abbe998e79a6bd198d6930fc69ea99b491afdf127eac9194e5772
7fd7b12c28058e709429faff256ac16be20c06e89d328381e2db43877a7fc555
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b473dd411478cf634fc14ecbb0a2a5843703188deafbeea61dbc44878f3837
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
890f932267d335a7640da7672b557235f305856993905c2e80a100ad0120b2f6
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
9a763944a1f2ac50079dcd179566ed250c8ebbc9a3483080bda2bd2c2832efde
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a291bd34fd4ae9447344c42523ed0daf871ce0cb3fc823a552376cf6cabf6513
ad4ef6cdec03a925c96109f724eb7eaadb31398d8bffad469c58a8dceb64d75c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af94966556e71cdaa2d09798826a3024697c97de1d21b9e813456e2eac7393ed
b1d6fce6a0f552bda0a9a95f9d44196215bbc0bd1602ebd9256f6595cfaba21e
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
ba0760b79a7db5bfda654f0223e3555a70c32085fe1d85aa7c0e71e28f9c3e36
bb15c3eae36bcdcbc040e30dd8c32f88e7bfb08d1675cc9591e4066cdecb7b9a
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca70c5161c99af3a27cb2c5cb7a8941c3c731e1d45f23e4611bec06d9b2b7fa0
d0abedcaade1f4a4e393361484fa3c97b4f1b7664a428df5c5417fbf6ab2ffd0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc49223047acfa13ee73453bed50b6ad405faf627e6b0727953f88e63c49c36
f4b63fb2b97dcece12c775c9df15d951467a93302f127f5e53c007ebd5e24b01
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8b8c8146d6359d62410c5da0c4573717f95f8a2e79fcdf1c3ab242a70d10488
f95c57d7a7b9e77e07ae94e0b4a8837bc7e62ed2524d00c17413b3d8fa77e683
fa7ec1c57f4ac548d6d68d9d1780f1bf79ce21358bfe60da7c2cad1cdd498604
fc48548bb995c281b3ab6f56029923218df05cdfc3a49506807ff7c03c0f3f2a
fced198b518bb50fec65fd07afd1745ad209e719b5a18ab3e58034174d7f4b6b