us.heinsohn.co Open in urlscan Pro
192.124.249.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://us.heinsohn.co/
Submission Tags: falconsandbox
Submission: On July 17 via api (July 17th 2022, 11:53:01 pm UTC) from US — Scanned from CA

Summary HTTP 169 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 44 IPs in 3 countries across 39 domains to perform 169 HTTP transactions. The main IP is 192.124.249.54, located in Markham, Canada and belongs to SUCURI-SEC, US. The main domain is us.heinsohn.co.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 19th 2022. Valid for: a year.

This is the only time us.heinsohn.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
83	192.124.249.54 192.124.249.54	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:2928	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1 3	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
1 1	3.220.57.224 3.220.57.224	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:78:... 2a04:4e42:78::720	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
3 4	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2600:9000:21d... 2600:9000:21da:1200:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:78:... 2a04:4e42:78::761	54113 (FASTLY) (FASTLY)
2 5	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:79:... 2a04:4e42:79::760	54113 (FASTLY) (FASTLY)
1	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2 2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1 2	68.67.181.207 68.67.181.207	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.45.73.214 52.45.73.214	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.231.251.31 34.231.251.31	14618 (AMAZON-AES) (AMAZON-AES)
1	184.29.128.24 184.29.128.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.193.150.192 34.193.150.192	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.225.63.53 13.225.63.53	16509 (AMAZON-02) (AMAZON-02)
1 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	34.206.157.2 34.206.157.2	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.50.205.90 184.50.205.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	192.35.249.127 192.35.249.127	11742 (SPOTX-IAD) (SPOTX-IAD)
1	2600:1f18:612... 2600:1f18:612b:4216:68f0:5178:951f:deb4	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
1	18.208.27.160 18.208.27.160	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
10	2600:1901:1:e... 2600:1901:1:e71::	15169 (GOOGLE) (GOOGLE)
169	44

83 192.124.249.54 (Markham, Canada)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10054.sucuri.net

us.heinsohn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2928 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:1:c36:: (United States) 1 redirects

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.57.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com

source.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:78::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

10648187.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:1200:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:78::761 (United States)

ASN54113 (FASTLY, US)

open.spotifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.38.167.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20838706p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o22381.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:79::760 (United States)

ASN54113 (FASTLY, US)

i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.207 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.73.214 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-73-214.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.251.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.128.24 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.150.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-150-192.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-53.ewr53.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.157.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-157-2.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.127 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:68f0:5178:951f:deb4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.27.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-27-160.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1901:1:e71:: (United States)

ASN15169 (GOOGLE, US)

guc3-spclient.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	heinsohn.co us.heinsohn.co	3 MB
14	spotify.com 1 redirects open.spotify.com — Cisco Umbrella Rank: 3628 apresolve.spotify.com — Cisco Umbrella Rank: 1139 guc3-spclient.spotify.com — Cisco Umbrella Rank: 1833	8 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	477 KB
8	spotifycdn.com open.spotifycdn.com — Cisco Umbrella Rank: 7666	701 KB
7	doubleclick.net 5 redirects 10648187.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 217 stats.g.doubleclick.net — Cisco Umbrella Rank: 138 cm.g.doubleclick.net — Cisco Umbrella Rank: 223	3 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	42 KB
5	rfihub.com 2 redirects 20838706p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3387 p.rfihub.com — Cisco Umbrella Rank: 838	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	4 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 365	526 B
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 12475 www.google.ca — Cisco Umbrella Rank: 7469	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 689	608 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 315	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 552	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597	2 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1095	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 213	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	428 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	unsplash.com 1 redirects source.unsplash.com — Cisco Umbrella Rank: 72096 images.unsplash.com — Cisco Umbrella Rank: 13517	138 KB
2	calendly.com assets.calendly.com — Cisco Umbrella Rank: 15883	17 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 504	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 492	532 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1030	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1217	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2037	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1697	775 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1220	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 566	616 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 372	743 B
1	scdn.co i.scdn.co — Cisco Umbrella Rank: 1313	29 KB
1	sentry.io o22381.ingest.sentry.io — Cisco Umbrella Rank: 16738	277 B
1	w.org s.w.org — Cisco Umbrella Rank: 780	504 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5500	6 KB
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 20020	251 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 6139	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	58 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	11 KB
169	39

	Domain	Requested by
83	us.heinsohn.co	us.heinsohn.co
10	guc3-spclient.spotify.com	open.spotifycdn.com
8	open.spotifycdn.com	open.spotify.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	www.google.com	us.heinsohn.co www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.googleapis.com	us.heinsohn.co
3	idsync.rlcdn.com	1 redirects us.heinsohn.co
3	p.rfihub.com	2 redirects us.heinsohn.co
3	open.spotify.com	1 redirects us.heinsohn.co open.spotifycdn.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects us.heinsohn.co
2	sync.search.spotxchange.com	1 redirects us.heinsohn.co
2	dsum-sec.casalemedia.com	1 redirects us.heinsohn.co
2	ps.eyeota.net	1 redirects us.heinsohn.co
2	dpm.demdex.net	1 redirects us.heinsohn.co
2	ib.adnxs.com	1 redirects us.heinsohn.co
2	cm.g.doubleclick.net	2 redirects
2	www.facebook.com	us.heinsohn.co
2	adservice.google.ca	us.heinsohn.co adservice.google.com
2	adservice.google.com	1 redirects 10648187.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	connect.facebook.net	us.heinsohn.co connect.facebook.net
2	10648187.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	assets.calendly.com	us.heinsohn.co
1	beacon.krxd.net	us.heinsohn.co
1	aa.agkn.com	us.heinsohn.co
1	partners.tremorhub.com	us.heinsohn.co
1	x.dlx.addthis.com	us.heinsohn.co
1	bpi.rtactivate.com	us.heinsohn.co
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	us.heinsohn.co
1	contextual.media.net	us.heinsohn.co
1	pixel.rubiconproject.com	us.heinsohn.co
1	a.rfihub.com	us.heinsohn.co
1	apresolve.spotify.com	open.spotifycdn.com
1	i.scdn.co	open.spotifycdn.com
1	o22381.ingest.sentry.io	open.spotifycdn.com
1	www.google.ca	us.heinsohn.co
1	s.w.org	us.heinsohn.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	20838706p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	us.heinsohn.co
1	www.rtb123.com	us.heinsohn.co
1	images.unsplash.com	us.heinsohn.co
1	source.unsplash.com	1 redirects
1	ws.zoominfo.com	us.heinsohn.co
1	www.googletagmanager.com	us.heinsohn.co
1	cdnjs.cloudflare.com	us.heinsohn.co
169	50

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com
heinsohn.com.co

Subject Issuer	Validity	Valid
us.heinsohn.co Go Daddy Secure Certificate Authority - G2	`2022-01-19` - `2023-01-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-26` - `2022-07-25`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2022-02-02` - `2023-03-06`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.spotifycdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-09-07`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.google.ca GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.scdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-09-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-20` - `2023-05-19`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://us.heinsohn.co/
Frame ID: 3D71A16BA5743444A376E5CD78EB04DE
Requests: 115 HTTP requests in this frame

Frame: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Frame ID: E67A901F4C5C6AACFF199052E7DBE8E8
Requests: 18 HTTP requests in this frame

Frame: https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F
Frame ID: BBB288A5DAF86298F0DA560C3923E18C
Requests: 1 HTTP requests in this frame

Frame: https://20838706p.rfihub.com/ca.html?ver=9&rb=45896&ca=20838706&_o=45896&_t=20838706&pe=https%3A%2F%2Fus.heinsohn.co%2F&pf=&ra=3450874432165212
Frame ID: 9804A5827FA4D6D3FEED60D6F7A9BB67
Requests: 19 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F
Frame ID: 917E8147167306ECB2948A9DC575DFD7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F
Frame ID: 53923AFB4657211A166985E15D87E2AB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&co=aHR0cHM6Ly91cy5oZWluc29obi5jbzo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=scupma72ptmo
Frame ID: 759A4D62FB89633E105E25DB78803C23
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CBB5329A0B50DEA037F7FA4527D5F6B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Technology Company: Agile, Robust, Scalable | Heinsohn Corp

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

169
Requests

93 %
HTTPS

50 %
IPv6

39
Domains

50
Subdomains

44
IPs

3
Countries

4513 kB
Transfer

11077 kB
Size

42
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/heinsohn-business-technology/?originalSubdomain=co

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eyxEMQRIpME

Search URL Search Domain Scan URL

URL: http://heinsohn.com.co/
Title: Heinsohn Colombia

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://open.spotify.com/embed/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator HTTP 302
https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator

Request Chain 83

https://source.unsplash.com/collection/422400/daily HTTP 302
https://images.unsplash.com/photo-1443980995706-8d107e98e707?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHw0MjI0MDB8fHx8fHx8MTY1ODEwMTk3NA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080

Request Chain 91

https://10648187.fls.doubleclick.net/activityi;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F HTTP 302
https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F

Request Chain 95

https://ad.doubleclick.net/ddm/activity/src=11442294;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://us.heinsohn.co/ HTTP 302
https://adservice.google.ca/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://us.heinsohn.co/

Request Chain 127

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDA3NDY3NTc1Nzc5&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJwJ34OEEASxAmRkD5_4bdk&google_cver=1

Request Chain 128

https://ib.adnxs.com/setuid?entity=18&code=978477407467575779 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477407467575779

Request Chain 130

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=978477407467575779&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477407467575779&redir=

Request Chain 131

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=978477407467575779&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=978477407467575779&bid=omt9pi0

Request Chain 134

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477407467575779&referrer=https%3A%2F%2Fus.heinsohn.co%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=55c38e18-2712-44e1-afe1-71f59a4be28e%3A1658101975.7074513&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D55c38e18-2712-44e1-afe1-71f59a4be28e%253A1658101975.7074513 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=55c38e18-2712-44e1-afe1-71f59a4be28e%3A1658101975.7074513 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGT9QT_4LsmH-CTQ71vR7FA&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477407467575779&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477407467575779&forward=&C=1

Request Chain 139

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477407467575779&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477407467575779&img=1&__user_check__=1&sync_id=9436ea38-062b-11ed-b8ee-12f1e0b20203

Request Chain 143

https://x.bidswitch.net/sync?dsp_id=119&user_id=978477407467575779&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477407467575779&expires=30

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YtSg1wAQ7f8ZzwAj HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YtSg1wAQ7f8ZzwAj&_test=YtSg1wAQ7f8ZzwAj

169 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
us.heinsohn.co/ 206 KB
31 KB 411ms
342ms Document
text/html 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

3a3ce7609d7e66e849f48191c94919697ad3f8f70c3ebde6a3e48949b8a05b27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-length: 31423
content-security-policy: upgrade-insecure-requests; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 17 Jul 2022 23:52:53 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Tue, 12 Jul 2022 13:57:48 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=300
vary: User-Agent,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 14004
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
us.heinsohn.co/wp-includes/css/dist/block-library/ 79 KB
10 KB 87ms
81ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 9945
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1aa2919-13abe-5cae72efad580-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wc-blocks-vendors-style.css
us.heinsohn.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 5 KB
2 KB 244ms
236ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.7.3

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1111
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c212c7-1345-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wc-blocks-style.css
us.heinsohn.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 204 KB
20 KB 266ms
258ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.7.3

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

1569cc17e59582d682f33021f1a3e4e057d8d8681701ada555817418b6ba1eb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 19816
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21283-32f4b-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
us.heinsohn.co/wp-content/plugins/buttonizer-multifunctional-button/assets/ 8 KB
1 KB 248ms
241ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.css?v=57294db550684812cc1be3ff3e94b278&ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

0ce8d813e9fed42454cc32f01212a0daa714d2a07e1ebed09a1125d8ea7063c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 933
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 00:04:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12a2dfa-2043-5d89018789840-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 49ms
19ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.heinsohn.co/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6397448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nagIhBUgxAv1iO6sBbfHOqMT9k2XQVS9UwnQmpbc6uMyVqRjT1jm51MbvuYrgedOf617UhJD9Fg0GlTmFNBMxEp4Gt%2ByVvv4uAnTyhxoWboBgIllBwI2imcOGGN%2ByHU6wZ1k2Hi%2Bd10d51PuJ%2BC7DlGb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72c6e4d7dd094bd6-YUL
expires: Fri, 07 Jul 2023 23:52:53 GMT

GET
H2 200 styles.css
us.heinsohn.co/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 247ms
240ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 849
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:54:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1861404-aab-5d8b4d69ed680-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-layout.css
us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/ 17 KB
3 KB 248ms
241ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 2330
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c2090b-4591-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.css
us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 249ms
242ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 8443
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c208eb-f523-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpcf7-redirect-frontend.min.css
us.heinsohn.co/wp-content/plugins/wpcf7-redirect/build/css/ 316 B
532 B 244ms
237ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 96
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 00:05:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12c3779-13c-5d89019b90780-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wppopups-base.css
us.heinsohn.co/wp-content/plugins/wp-popups-lite/src/assets/css/ 8 KB
2 KB 244ms
238ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

1324a06a3a4e142ab8add34477b0309b68ef7b7a699540a7791bbbe929f7c0a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1543
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 19:02:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80881-21ca-5d3480f847bc0-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rgs.css
us.heinsohn.co/wp-content/themes/salient/css/ 6 KB
1 KB 245ms
239ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/rgs.css?ver=8.5.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

c7a68666631143fb3a0b04dde2eb3b745f453378dfe995b2179ed3c9e6a61306

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1002
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410c9-16d8-5d3464eb1cd40-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/ 58 KB
13 KB 267ms
262ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 12390
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:56:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c40768-e7a9-5d8b4db07fd00-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v4-shims.min.css
us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/ 26 KB
4 KB 264ms
259ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 3986
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:56:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c40767-684e-5d8b4db07fd00-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
us.heinsohn.co/wp-content/themes/salient/ 835 KB
102 KB 302ms
296ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/style.css?ver=8.5.5

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

201f4ee6ba201031c8fb375f9ae50bc019bdc6928b47b6a575158e8329b10499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:33:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ce0e5b-d0cf4-5d345fb20fac0-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific.css
us.heinsohn.co/wp-content/themes/salient/css/ 11 KB
3 KB 265ms
260ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/magnific.css?ver=6.2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

3499f1ad0e2c520c1fbfe48d698b74e3ca56b22053d75496d89c0bc06aab2deb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 2333
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410c0-2adb-5d3464e840680-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
us.heinsohn.co/wp-content/themes/salient/css/ 170 KB
23 KB 300ms
295ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/responsive.css?ver=8.5.5

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

fb63254083f94861e0b6ffb524fd3db0c3538d081c619185134dde0ca7b8c648

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 22644
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410c8-2a719-5d3464eb1cd40-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 86ms
35ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 22:33:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Jul 2022 23:52:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jul 2022 23:52:53 GMT

GET
H2 200 woocommerce.css
us.heinsohn.co/wp-content/themes/salient/css/ 115 KB
16 KB 299ms
294ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/woocommerce.css?ver=8.5.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

36c3de98498765c79a2bc5b949ac6f2d3618d1783c71edfd18b835b99a9d39da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 16307
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410ce-1cd78-5d3464edf9400-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iconsmind.css
us.heinsohn.co/wp-content/themes/salient/css/ 89 KB
15 KB 299ms
295ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/iconsmind.css?ver=7.6

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

60872361dc2b5e6238d5eeac94547c3fb5771393dcfd341c64d2ead3cbec15d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 14907
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410bc-1659d-5d3464e74c440-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skin-material.css
us.heinsohn.co/wp-content/themes/salient/css/ 106 KB
15 KB 300ms
296ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/skin-material.css?ver=8.5.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

52ef65da1e8d36e73f035067f581c050d485535910210b8d3242005b00ea0ddf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 14819
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:56:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410cb-1a8e4-5d3464ec10f80-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gem.min.css
us.heinsohn.co/wp-content/plugins/godaddy-email-marketing-sign-up-forms/css/ 639 B
731 B 267ms
263ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/godaddy-email-marketing-sign-up-forms/css/gem.min.css?ver=1.4.3

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

2790b050d606c7dca2f55a16934045dbadce10b36475968dbc876e9013424335

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 295
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:48:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d40cb3-27f-5d34632bd6e00-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer.min.css
us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/css/ 204 KB
21 KB 300ms
296ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.4.7

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

770c603c0ac0aa39e1c197f24266cb2c7b1e8675576c644f74177abc062d3e91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 21022
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:56:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "da0c5f-32f13-5d34723019bc0-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
us.heinsohn.co/wp-content/plugins/cf7-conditional-fields/ 2 KB
897 B 264ms
260ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.1.2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 460
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:54:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "18617e2-654-5d8b4d6cc9d40-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
760 B 86ms
36ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C300%2C700%2C500%2C400italic&subset=latin&ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2b0a357fa41dbc676d3dd1c0675551167d033402e28915848a62f6eaee7fb0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 23:52:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Jul 2022 23:52:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jul 2022 23:52:53 GMT

GET
H2 200 jquery.min.js Show response
us.heinsohn.co/wp-includes/js/jquery/ 87 KB
30 KB 52ms
48ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 30310
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21c8e-15db1-5bd3006388300-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
us.heinsohn.co/wp-includes/js/jquery/ 11 KB
4 KB 53ms
49ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 3998
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21c86-2bd8-5b45debe27b80-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
us.heinsohn.co/wp-content/plugins/country-state-city-auto-dropdown/assets/js/ 1 KB
781 B 54ms
50ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/country-state-city-auto-dropdown/assets/js/script.min.js?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

dd6ec59ab60677bf6b5a89bb79630f342a39b4919b4582c74043a705e6d98640

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 335
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 00:04:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12c32e7-47b-5d890194e37c0-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rbtools.min.js Show response
us.heinsohn.co/wp-content/plugins/revslider/public/assets/js/ 121 KB
45 KB 74ms
69ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 45510
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:50:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80284-1e4e6-5d347e4c7ee80-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rs6.min.js Show response
us.heinsohn.co/wp-content/plugins/revslider/public/assets/js/ 374 KB
92 KB 76ms
70ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

81ff08960b407fde4ee478cf9e8804ca6daf5491d65932f255e24babed80d14b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 93777
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:50:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80285-5d7d8-5d347e4c7ee80-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.blockUI.min.js Show response
us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 75ms
71ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 3248
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c20975-253d-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 add-to-cart.min.js Show response
us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 75ms
72ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 974
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c20996-bdd-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-add-to-cart.js Show response
us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/js/vendors/ 895 B
733 B 76ms
73ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.7

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 288
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:44:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80009-37f-5d347ce7d2500-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 3 KB
1 KB 106ms
66ms Stylesheet
text/css 2606:4700:3108::ac42:2928
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5e5f87d7dc1a58e914cdd7a2309fcd3661e4525ad0dc002dbca1d1da5a0786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 259
cf-polished: status=cannot_optimize
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 15 Jul 2022 18:28:28 GMT
server: cloudflare
etag: W/"41f5ed798c9a379e8d1317e6c39941c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=300
cf-ray: 72c6e4d7e9527139-YUL
expires: Mon, 18 Jul 2022 23:52:53 GMT

GET
H2 200 wp-emoji-release.min.js Show response
us.heinsohn.co/wp-includes/js/ 18 KB
5 KB 302ms
296ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 4542
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1bc27ba-4705-5c4487ddedc00-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-smallscreen.css
us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 304ms
301ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1061
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c20904-1b83-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 heinsohn_1.png
us.heinsohn.co/wp-content/uploads/2018/03/ 3 KB
4 KB 296ms
291ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/03/heinsohn_1.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

2ec568571bd8ddabaf3c32ddfaeef6f09960f974f1d92ff02bc2482184e49c5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 3309
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:03:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d4145a-ced-5d34667f78740"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dummy.png
us.heinsohn.co/wp-content/plugins/revslider/public/assets/assets/ 68 B
467 B 299ms
294ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/assets/dummy.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 68
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:50:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80273-44-5d347e410d380"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Google.png
us.heinsohn.co/wp-content/uploads/2018/08/ 10 KB
11 KB 298ms
293ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/Google.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

6d42e4ebfebeaa173c2e690f82406fcf20ec5db30acd069789daebb9570339d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 10497
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:31:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d42305-2901-5d346cbdd4240"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Tibco.png
us.heinsohn.co/wp-content/uploads/2021/02/ 57 KB
58 KB 302ms
298ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/02/Tibco.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

4d68109546b110ef49636e8054d0d28949f2a090ee4c4f967ea89e411356c467

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 58794
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:38:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d426ca-e5aa-5d346e44d5cc0"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IBM.png
us.heinsohn.co/wp-content/uploads/2018/08/ 5 KB
5 KB 300ms
296ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/IBM.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

4c530330035c9f156b98d18b6f725061a87f5ea7ee594a92e6db751799d65e3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4722
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:32:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d4234e-1272-5d346cda705c0"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Oracle.png
us.heinsohn.co/wp-content/uploads/2018/08/ 6 KB
7 KB 302ms
298ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/Oracle.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

d98f979b003771153e700a451fc7a2c192bc596571db2b31a8d0b927e4e6ea46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 6508
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:32:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d423ad-196c-5d346cfdb9900"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SAP.png
us.heinsohn.co/wp-content/uploads/2018/08/ 13 KB
13 KB 303ms
299ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/SAP.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

81e590de3259828c8458f3e9748a95e8e6de347992c3f00a9eb8f798b511434f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 12973
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:33:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d423e1-32ad-5d346d11c0840"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Microsoft.png
us.heinsohn.co/wp-content/uploads/2018/08/ 7 KB
7 KB 303ms
299ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/Microsoft.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

fdd138740f41055507d1145a8b2f2f8aa75dd3941ef48bd4caf128c8f6e4e2c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 7260
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:32:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d42393-1c5c-5d346cf430280"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bizagi.jpg
us.heinsohn.co/wp-content/uploads/2018/04/ 16 KB
16 KB 304ms
300ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/04/bizagi.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

3f9c96f48441fd2b07a1404841fa1f8ac21f3155e61dd54506ed27732786c786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 16137
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:08:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d41731-3f09-5d3467a627e80"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Salesforce.png
us.heinsohn.co/wp-content/uploads/2018/08/ 14 KB
14 KB 304ms
300ms Image
image/png 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/08/Salesforce.png

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

235eb9405c6dadf6c4797cf545460e8862486aa4dbbc10a95d35625c7a3032f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 14151
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:33:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d423d4-3747-5d346d0cfbd00"
strict-transport-security: max-age=300
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 44 KB
16 KB 59ms
56ms Script
application/javascript 2606:4700:3108::ac42:2928
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4644a406f9b1adfdcd89753755095f537d900bda5d4727b7558444b962fb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 15 Jul 2022 18:28:28 GMT
server: cloudflare
etag: W/"4a019399873a3e8e4922c11446be3004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=300
cf-ray: 72c6e4db3e547139-YUL
expires: Mon, 18 Jul 2022 23:52:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
839 B 35ms
34ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500%2C400%7CMontserrat:700&display=swap

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

033cd21c76b84dd9c7a829c835a65d0980c0299f957c95760b686dbecd0b5b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 23:52:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Jul 2022 23:52:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jul 2022 23:52:54 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
us.heinsohn.co/wp-includes/js/mediaelement/ 11 KB
3 KB 79ms
79ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 2397
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21ceb-2bf8-5b075c75d5c80-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
us.heinsohn.co/wp-includes/js/mediaelement/ 4 KB
1 KB 78ms
78ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 982
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21cf2-105a-58ac1e7924f80-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css
fonts.googleapis.com/ 13 KB
899 B 37ms
37ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic&subset=latin&ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9d2bd2d90cbbedd8ea3df2e4245824c56ed26823c9abe4b1062af79f853b6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 23:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Jul 2022 23:52:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jul 2022 23:52:54 GMT

GET
H2 200 rs6.css
us.heinsohn.co/wp-content/plugins/revslider/public/assets/css/ 56 KB
12 KB 101ms
93ms Stylesheet
text/css 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

c682502bdd9d75ab27160338a8acdbc9d1fe1587ab08e5d8bc04d785c3e65745

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 11783
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:50:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f8027f-e197-5d347e48ae580-br"
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 regenerator-runtime.min.js Show response
us.heinsohn.co/wp-includes/js/dist/vendor/ 6 KB
3 KB 31ms
23ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 2312
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1bc26ec-1906-5c563acace740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
us.heinsohn.co/wp-includes/js/dist/vendor/ 16 KB
6 KB 32ms
24ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 5808
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1bc26f5-4056-5c4c2122a12c0-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
us.heinsohn.co/wp-includes/js/dist/ 5 KB
2 KB 33ms
25ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1717
x-xss-protection: 1; mode=block
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1bc2729-1540-5c344ade1c480-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wppopups.js Show response
us.heinsohn.co/wp-content/plugins/wp-popups-lite/src/assets/js/ 47 KB
11 KB 34ms
25ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

eab007b887d70722ac2232014f1085551e3d262da75db00a05952d529872bfa8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 10816
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 19:02:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f808af-ba13-5d348112fbac0-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
us.heinsohn.co/wp-content/plugins/buttonizer-multifunctional-button/assets/ 300 KB
61 KB 107ms
99ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.min.js?v=57294db550684812cc1be3ff3e94b278&ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

29ef54313b40bd9674118b386ec8d3d6d47edb6de74d80deac2248467be65b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 62444
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 00:04:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12a2df7-4b001-5d89018789840-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coblocks-animation.js Show response
us.heinsohn.co/wp-content/plugins/coblocks/dist/js/ 412 B
654 B 34ms
26ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.22.0

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 208
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:54:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c6017e-19c-5d8b4d718e880-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
us.heinsohn.co/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 35ms
27ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 3056
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:54:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1861439-25f8-5d8b4d69ed680-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.min.js Show response
us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 35ms
27ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 900
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c2099d-72a-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.min.js Show response
us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 72ms
64ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 679
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c20980-85b-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart-fragments.min.js Show response
us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 126ms
119ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.2.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 935
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:55:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c20978-b7a-5d8b4d92ef740-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpcf7r-fe.js Show response
us.heinsohn.co/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
2 KB 285ms
278ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1495
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 00:05:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12c3797-1f8a-5d89019b90780-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.js Show response
us.heinsohn.co/wp-content/themes/salient/js/ 16 KB
6 KB 291ms
284ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/js/modernizr.js?ver=2.6.2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

da7a14ab58198ca238c7721c733d13e1ee6e7308d900bf96ef6d9da0c944ad2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 5898
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:57:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410f2-3f02-5d34650017ec0-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific.js Show response
us.heinsohn.co/wp-content/themes/salient/js/ 47 KB
14 KB 297ms
290ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/js/magnific.js?ver=7.0.1

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 13803
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:57:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410ee-bdd0-5d3464fe2fa40-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 superfish.js Show response
us.heinsohn.co/wp-content/themes/salient/js/ 9 KB
3 KB 286ms
279ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/js/superfish.js?ver=1.4.8

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

51e2fef0d40e12d3e0f6f47a8fd0368a7b55c4696ec24139bfe08645e6770aa2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 2726
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:57:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410fe-242c-5d346504dca00-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 init.js Show response
us.heinsohn.co/wp-content/themes/salient/js/ 624 KB
114 KB 323ms
317ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/js/init.js?ver=8.5.5

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

939ce3ebed7e1b0fdb67ffe8e8b8a6ccb7263dba2295c285d681878a4a81797a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:57:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410e8-9c170-5d3464fb53380-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 touchswipe.min.js Show response
us.heinsohn.co/wp-content/themes/salient/js/ 9 KB
4 KB 298ms
292ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/js/touchswipe.min.js?ver=1.0

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 3150
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:57:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d410ff-24a0-5d346504dca00-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gem.min.js Show response
us.heinsohn.co/wp-content/plugins/godaddy-email-marketing-sign-up-forms/js/ 2 KB
1 KB 297ms
290ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/godaddy-email-marketing-sign-up-forms/js/gem.min.js?ver=1.4.3

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

6eba7ed8e0d2585eb33a250d85cf2dd0cc88dfee7b7d07c724442adf6ef24aff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 888
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:49:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d40cc6-8a2-5d34633930d80-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
us.heinsohn.co/wp-content/plugins/cf7-conditional-fields/js/ 134 KB
30 KB 307ms
301ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.1.2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

f6554c239e5bb8964ccd6bb817053c286dc49c144faf148a663aadaa681306ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 30612
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:54:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1861b8a-2162a-5d8b4d6cc9d40-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
us.heinsohn.co/wp-includes/js/ 1 KB
1 KB 295ms
289ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/wp-embed.min.js?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 663
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1bc278a-592-5b83cfce57d00-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer_front.min.js Show response
us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/js/dist/ 27 KB
6 KB 301ms
295ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.4.7

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

ccba2fd11afeb14fb54e741f6c003f2a12f995ceeecc606c5a2d4153a9220878

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 6164
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:43:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f60eba-6b9c-5d347ce125540-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
us.heinsohn.co/wp-includes/js/mediaelement/ 154 KB
35 KB 321ms
316ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 35851
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21cfc-267aa-5b075c75d5c80-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
us.heinsohn.co/wp-includes/js/mediaelement/ 1 KB
927 B 288ms
283ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 481
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21cea-4a9-5b83cfce57d00-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
us.heinsohn.co/wp-includes/js/mediaelement/ 906 B
840 B 294ms
288ms Script
application/javascript 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.4

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 393
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c21cf4-38a-5b955069f1180-br"
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 96ms
42ms Script
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&hl=en

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa967f4f13b131054f35e3c74575d98dbe96929f3a102123207493dd7af9cdcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Sun, 17 Jul 2022 23:52:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
58 KB 107ms
56ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVXMP69

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6cd22a13d745ecbf7db7cbb8a51b5e3fb389f644469b930787416b45ee7ad30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58781
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Jul 2022 23:52:54 GMT

GET
H2 200 6287ba12da963c00131f44aa Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 1579ms
1540ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6287ba12da963c00131f44aa

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

95575e5851789d6def2c508c3a8563853c005deb31d7b5185b83e5d13bcb2080

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 72c6e4db6849ecea-YUL
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 /
us.heinsohn.co/ 206 KB
206 KB 302ms
302ms Image
text/html 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: User-Agent,Accept-Encoding
content-length: 31423
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Jul 2022 13:57:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 29 Oct 1923 20:30:00 GMT

GET
H2 200 fa-brands-400.woff2
us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 297ms
297ms Font
font/woff2 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.2.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.2.1
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 76741
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:56:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c40759-12bc0-5d8b4db07fd00-br"
strict-transport-security: max-age=300
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 125ms
78ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C300%2C700%2C500%2C400italic&subset=latin&ver=5.8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 03:02:54 GMT
x-content-type-options: nosniff
age: 75000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 03:02:54 GMT

GET
H2 200 iconsmind.ttf
us.heinsohn.co/wp-content/themes/salient/css/fonts/ 906 KB
400 KB 105ms
104ms Font
font/ttf 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/fonts/iconsmind.ttf?qnd6ae

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-content/themes/salient/css/iconsmind.css?ver=7.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

ea2bad93d2add75de9adfafc8705c838f4e48c98d4ddf378cc44644b7fa8a182

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.heinsohn.co/wp-content/themes/salient/css/iconsmind.css?ver=7.6
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:12:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ee171a-e26d0-5d3475c865700-br"
strict-transport-security: max-age=300
content-type: font/ttf
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 63ms
57ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:32:38 GMT
x-content-type-options: nosniff
age: 361216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:32:38 GMT

GET
H3

200

1QTE55dYHBm9S7j7R1UBtz Show response
open.spotify.com/embed-podcast/episode/ Frame E67A
Redirect Chain

https://open.spotify.com/embed/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator

25 KB
6 KB

256ms
243ms

Document
text/html

2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

3197aac97a53e40ef78620f54b23651684b8cfef7580e2c23e6a41c1d4b51f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.heinsohn.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 23:52:54 GMT
server: envoy
sp-trace-id: 8b8147ef8fcc9ecc
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html
date: Sun, 17 Jul 2022 23:52:54 GMT
location: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
server: envoy
sp-trace-id: 75d9e37a2a7c7001
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

GET
H2

200

photo-1443980995706-8d107e98e707
images.unsplash.com/
Redirect Chain

https://source.unsplash.com/collection/422400/daily
https://images.unsplash.com/photo-1443980995706-8d107e98e707?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHw0MjI0MDB8fHx8fHx8MTY1ODEwMTk3NA&ixlib=rb-1.2.1&q=80&utm_campaign=api...

136 KB
137 KB

114ms
33ms

Image
image/jpeg

2a04:4e42:78::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1443980995706-8d107e98e707?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHw0MjI0MDB8fHx8fHx8MTY1ODEwMTk3NA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Server

2a04:4e42:78::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

02a135d7c0493042acaef8ee913a9f30cdaec8b30b33f85f8e5c11d7651990ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jun 2022 17:16:27 GMT
server: imgix
age: 2788587
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 4461e64932b9fddcf9601f1ecdbc43dc5e319214
accept-ranges: bytes
content-length: 139536
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10045-SJC, cache-iad-kjyo7100084-IAD

Redirect headers

Date: Sun, 17 Jul 2022 23:52:53 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: 7e7416fa-1db7-4ea7-bdb8-002db396f82c
X-Runtime: 0.003099
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Location: https://images.unsplash.com/photo-1443980995706-8d107e98e707?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHw0MjI0MDB8fHx8fHx8MTY1ODEwMTk3NA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080
Cache-Control: no-cache

GET
H2 200 pexels-adrien-olichon-2387793-scaled.jpg
us.heinsohn.co/wp-content/uploads/2021/09/ 589 KB
590 KB 117ms
117ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/09/pexels-adrien-olichon-2387793-scaled.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

54f372831240728d0e9110515af0b274e10a66c9d68d7a2d864d6aaa547cff5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 602921
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:40:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d42798-93329-5d346ebee7cc0"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 246ms
246ms Font
font/woff2 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.2.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.heinsohn.co/wp-content/plugins/beaver-builder-lite-version//fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.2.1
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 78273
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 19:56:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c4075a-131bc-5d8b4db07fd00-br"
strict-transport-security: max-age=300
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 74ms
74ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%2C400%7CMontserrat:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 10:56:57 GMT
x-content-type-options: nosniff
age: 132957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 10:56:57 GMT

GET
H2 200 icomoon.woff
us.heinsohn.co/wp-content/themes/salient/css/fonts/ 19 KB
10 KB 246ms
246ms Font
font/woff 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/wp-content/themes/salient/css/fonts/icomoon.woff

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-content/themes/salient/style.css?ver=8.5.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

9b389d7f455f9d50367741b3b34481e4cf95b9f6d4f23a4d3afe30f71d0ca884

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.heinsohn.co/wp-content/themes/salient/style.css?ver=8.5.5
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 10101
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:12:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ee1717-4c58-5d3475c67d280-br"
strict-transport-security: max-age=300
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 59ms
58ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic&subset=latin&ver=5.8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:19:25 GMT
x-content-type-options: nosniff
age: 437609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:19:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 62ms
61ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%2C400%7CMontserrat:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 361025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:35:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 79ms
20ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVXMP69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5242
date: Sun, 17 Jul 2022 22:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Jul 2022 00:25:32 GMT

GET
H3

200

activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=... Show response
10648187.fls.doubleclick.net/ Frame BBB2
Redirect Chain

https://10648187.fls.doubleclick.net/activityi;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~or...
https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.he...

533 B
420 B

83ms
39ms

Document
text/html

142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVXMP69

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

ce97f53f41ccef2e3da32e43ffacb367409fbd707f975ca7747a793a5d961720

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 69ms
17ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: FvsM0BeO+97hETgCHjEiIYcKFBtZlesxxU7eVFJb0KM8ZNM1kKMVkybZfJodvSlWw6R0l4Dn0Ftnma1ohCMGlA==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Sun, 17 Jul 2022 23:52:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/5D11DBBE-A210-B17D-BFBC-590382F62B77/ 27 B
251 B 141ms
35ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/5D11DBBE-A210-B17D-BFBC-590382F62B77/btp.js
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 53022b9d197e47372ac23d04e60c0a1c80c76e5e405d915712f0d607be21bebf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 17 Jul 2022 23:52:53 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 19:00:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "df96e9ff7d7d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 50

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 94ms
19ms Script
application/x-javascript 2600:9000:21da:1200:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:1200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 22:58:46 GMT
content-encoding: gzip
last-modified: Sun, 17 Jul 2022 22:58:36 GMT
server: Jetty(9.3.29.v20201019)
age: 3248
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: EWR53-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: zC1tY2Q7LD2fdAbknlaYLdDo96RZT6RxML3jZQHZiZ3Q-h_TZetJFw==
expires: Sun, 17 Jul 2022 23:58:46 GMT

GET
H2

200

/
adservice.google.ca/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11442294;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
https://adservice.google.com/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...
https://adservice.google.ca/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_conse...

42 B
737 B

135ms
75ms

Image
image/gif

2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.ca/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://us.heinsohn.co/

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.ca/ddm/fls/p/src=11442294;dc_pre=CPeezpmPgfkCFZ8NaAgdNOUL6g;type=conte0;cat=heins0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://us.heinsohn.co/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 84ms
36ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=526286823&t=pageview&_s=1&dl=https%3A%2F%2Fus.heinsohn.co%2F&ul=en-us&de=UTF-8&dt=Business%20Technology%20Company%3A%20Agile%2C%20Robust%2C%20Scalable%20%7C%20Heinsohn%20Corp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=588625&gjid=1187399603&cid=1373122687.1658101975&tid=UA-93355158-2&_gid=1026779557.1658101975&_r=1&gtm=2wg7d0KVXMP69&z=801034931

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.heinsohn.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.heinsohn.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 228077499304834 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 144ms
121ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228077499304834?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78d7ebc4dae44f3ed525a43252ee2c170a93fb4c9a83816b77d51c75fdd47871

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GBIcHUcEiN/DBlkS+DacrJQSfCc2koAu6UIAZrs9Rz0ftbrEgcgk/y1P8bPtrsAeXV28horF7gQYLHHbgyp3SA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 17 Jul 2022 23:52:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658101974846
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK CircularSpUIv3T-Bold.8d0a45cc.woff2
open.spotifycdn.com/cdn/fonts/ Frame E67A 71 KB
72 KB 96ms
26ms Font
application/octet-stream 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/fonts/CircularSpUIv3T-Bold.8d0a45cc.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Last-Modified: Mon, 13 Jun 2022 14:00:42 GMT
Age: 2972957
ETag: "c147cc237b8b07e0a8875dfbbe857b29"
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000071-CHI, cache-iad-kjyo7100038-IAD
X-Cache: MISS, HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72840
X-Cache-Hits: 0, 1, 252262

GET
H/1.1 200
OK spoticon_regular_2.d319d911.woff2
open.spotifycdn.com/cdn/fonts/ Frame E67A 56 KB
56 KB 95ms
24ms Font
application/octet-stream 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Last-Modified: Mon, 13 Jun 2022 14:00:42 GMT
Age: 2972958
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By: cache-ord1736-ORD, cache-chi-kigq8000082-CHI, cache-iad-kjyo7100088-IAD
X-Cache: MISS, HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56996
X-Cache-Hits: 0, 1, 29947

GET
H/1.1 200
OK en.9d8ff8a9.json
open.spotifycdn.com/cdn/generated-locales/embed/ Frame E67A 2 KB
1 KB 129ms
24ms Other
application/json 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/generated-locales/embed/en.9d8ff8a9.json
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d16c6e011d7e40022308526c475b5d017458c2e408d7429d46aee164d7396f93

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Content-Encoding: gzip
Age: 215582
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 611
X-Served-By: cache-chi-klot8100040-CHI, cache-iad-kjyo7100088-IAD
Last-Modified: Fri, 15 Jul 2022 11:56:41 GMT
ETag: "2668add23aab52df0633c086036910fe"
x-goog-generation: 1657886201676011
Content-Type: application/json
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 611
Accept-Ranges: bytes
X-Cache-Hits: 1, 474

GET
H/1.1 200
OK retargeting-pixels.1fa1ceda.js Show response
open.spotifycdn.com/cdn/js/ Frame E67A 615 B
863 B 86ms
24ms Script
application/javascript 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/js/retargeting-pixels.1fa1ceda.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c038ca53e8ede27d00975dcc66bb4d0250c2ff45e999b235c147d712b9c26835

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 14:00:43 GMT
Age: 2972938
ETag: "09344e1debf342a4b25ace2ef18cc155"
X-Served-By: cache-ord1720-ORD, cache-chi-kigq8000093-CHI, cache-iad-kjyo7100055-IAD
X-Cache: MISS, HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 341
X-Cache-Hits: 0, 1, 304545

GET
H/1.1 200
OK embed.d210c562.css
open.spotifycdn.com/cdn/build/embed/ Frame E67A 30 KB
6 KB 341ms
272ms Stylesheet
text/css 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/embed.d210c562.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 073c0654ffc5160e56260a8ca8376a10a7fd0a6dde4f8c87bb8122689bb11b4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Content-Encoding: gzip
Age: 290930
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 5561
X-Served-By: cache-chi-kigq8000044-CHI, cache-iad-kjyo7100175-IAD
Last-Modified: Thu, 14 Jul 2022 15:00:38 GMT
ETag: "78f9205e1405da9d59619dd225d0778e"
x-goog-generation: 1657810838933960
Content-Type: text/css
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 5561
Accept-Ranges: bytes
X-Cache-Hits: 1, 5616

GET
H/1.1 200
OK vendor~embed.eb3b5698.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame E67A 1 MB
308 KB 85ms
23ms Script
application/javascript 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3289fbdc75b9a7527d14476f224ff3d6a61dbdb1fc689eea3b88823c4751f632

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Content-Encoding: gzip
Age: 218282
X-Cache: MISS, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 315046
X-Served-By: cache-chi-kigq8000072-CHI, cache-iad-kjyo7100110-IAD
Last-Modified: Fri, 15 Jul 2022 11:11:43 GMT
ETag: "40f4e277dd1bcf707bdc5303dfa2fbe0"
x-goog-generation: 1657883503696917
Content-Type: application/javascript
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 315046
Accept-Ranges: bytes
X-Cache-Hits: 0, 32930

GET
H/1.1 200
OK embed.f46cde3d.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame E67A 880 KB
190 KB 25ms
24ms Script
application/javascript 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/embed.f46cde3d.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6fbb2db35a2e86d99c2385d4bc9a06517afdfe8f5bd2aedebb1dc3dff356ea30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:54 GMT
Content-Encoding: gzip
Age: 22017
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 193510
X-Served-By: cache-chi-kigq8000165-CHI, cache-iad-kjyo7100055-IAD
Last-Modified: Sun, 17 Jul 2022 17:42:31 GMT
ETag: "b146c9186b89ee4c2a0e6591eb3b77df"
x-goog-generation: 1658079751733359
Content-Type: application/javascript
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 193510
Accept-Ranges: bytes
X-Cache-Hits: 1, 101

GET
H/1.1 200
OK ca.html Show response
20838706p.rfihub.com/ Frame 9804 3 KB
3 KB 136ms
24ms Document
text/html 199.38.167.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20838706p.rfihub.com/ca.html?ver=9&rb=45896&ca=20838706&_o=45896&_t=20838706&pe=https%3A%2F%2Fus.heinsohn.co%2F&pf=&ra=3450874432165212
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: a6964d59b534e0e2365b35df4693a998693291cd275a433a260bf53eb2557ac4

Request headers

Referer: https://us.heinsohn.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2592
Content-Type: text/html;charset=utf-8
Date: Sun, 17 Jul 2022 23:52:54 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 102ms
32ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-93355158-2&cid=1373122687.1658101975&jid=588625&gjid=1187399603&_gid=1026779557.1658101975&_u=YEBAAEAAAAAAAC~&z=1578302001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.heinsohn.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 17 Jul 2022 23:52:54 GMT
content-type: text/plain
access-control-allow-origin: https://us.heinsohn.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2... Show response
adservice.google.com/ddm/fls/i/ Frame 917E 532 B
864 B 106ms
38ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F

Requested by

Host: 10648187.fls.doubleclick.net
URL: https://10648187.fls.doubleclick.net/activityi;dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a963f0291dd11d7fa6d5a79c342daeed2f6360cfa179715aa197a208d61a6627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10648187.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 362 KB
144 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.heinsohn.co/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 19:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146545
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 19:31:45 GMT

GET
H2 200 1f1e8-1f1f4.svg
s.w.org/images/core/emoji/13.1.0/svg/ 271 B
504 B 60ms
17ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.1.0/svg/1f1e8-1f1f4.svg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2f99409d72075c8d0360b2631e86a7be4a07b89f9413e98dd41738ff2c4b536e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 18:50:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 271
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader.gif
us.heinsohn.co/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 81ms
78ms Image
image/gif 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/assets/loader.gif

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2545
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 18:50:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f80278-9f1-5d347e43e9a40"
strict-transport-security: max-age=300
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
us.heinsohn.co/ 629 B
731 B 1558ms
1558ms XHR
application/json 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://us.heinsohn.co/?wc-ajax=get_refreshed_fragments

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

36968efa19d84f3f4562dd3e37434c1f369458faf510571c4dc6ecbb3bb44902

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://us.heinsohn.co/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 17 Jul 2022 23:52:56 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
vary: Accept-Encoding
content-length: 253
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://us.heinsohn.co
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Salesforce-development.jpg
us.heinsohn.co/wp-content/uploads/2021/09/ 11 KB
11 KB 82ms
82ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/09/Salesforce-development.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

a5551637be40a0750d0ddce0a4115e3603bd798b2f81eac22e60e67640a0452e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 11032
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:42:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d4284a-2b18-5d346f15b0980"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Nearshore-Software-Development.jpg
us.heinsohn.co/wp-content/uploads/2021/09/ 27 KB
27 KB 80ms
80ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/09/Nearshore-Software-Development.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

16d91eb3fa3055024633cc703baeda0d781dea6911bada0accaee4a06667aaff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 27302
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:40:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d42782-6aa6-5d346eb55e640"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BotonIntegration.jpg
us.heinsohn.co/wp-content/uploads/2018/05/ 20 KB
21 KB 239ms
238ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/05/BotonIntegration.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

26fb20d500ab08cc4813f07383abf26b5ce4e6498af7a8f7b919153515320d9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 20697
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:20:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d41d0f-50d9-5d346a3183f40"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Analytics-and-Big-Data.jpg
us.heinsohn.co/wp-content/uploads/2021/09/ 8 KB
9 KB 236ms
236ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/09/Analytics-and-Big-Data.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

87277d883084e208520b733ec54222e5f0a245093ff50240d398f1e90f343d32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8311
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:39:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d42705-2077-5d346e6266280"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Nearshore-IT-Staft-Augmentation.jpg
us.heinsohn.co/wp-content/uploads/2021/09/ 15 KB
15 KB 255ms
255ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/09/Nearshore-IT-Staft-Augmentation.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

65fbc3f5897126c9efc7b6902a7edf7e5d2882aaeea36118b8d897e60f9d9444

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 15274
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:40:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d4277b-3baa-5d346eb281f80"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qtq80-DZYkWk.jpeg
us.heinsohn.co/wp-content/uploads/2021/10/ 208 KB
209 KB 248ms
248ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2021/10/qtq80-DZYkWk.jpeg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

0b9ab1494c5b514e4181ff0e409fd92a0693a0d99b58a4aac0c54a6a2da5923f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 213230
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:44:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d428d9-340ee-5d346f8fc2980"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 80ms
36ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93355158-2&cid=1373122687.1658101975&jid=588625&_u=YEBAAEAAAAAAAC~&z=695883875

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 96ms
39ms Image
image/gif 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93355158-2&cid=1373122687.1658101975&jid=588625&_u=YEBAAEAAAAAAAC~&z=695883875

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Slide2Desarrollo.jpg
us.heinsohn.co/wp-content/uploads/2018/05/ 282 KB
283 KB 78ms
78ms Image
image/jpeg 192.124.249.54
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.heinsohn.co/wp-content/uploads/2018/05/Slide2Desarrollo.jpg

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.54 Markham, Canada, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10054.sucuri.net

Software

nginx /

Resource Hash

d9ead9933166ba45a81c3e8e3ef3e3dc95261b583f6a500705396300095075d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:54 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 288796
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:26:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d4208d-4681c-5d346baa37800"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 14004
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame E67A 2 B
277 B 76ms
42ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 61ms
21ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228077499304834&ev=PageView&dl=https%3A%2F%2Fus.heinsohn.co%2F&rl=&if=false&ts=1658101975346&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658101975345.1574997621&it=1658101974710&coo=false&exp=u0&rqm=GET

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 17 Jul 2022 23:52:55 GMT

GET
H/1.1 200
OK ab67656300005f1fefe59bd9e294c6dcd88090c2
i.scdn.co/image/ Frame E67A 29 KB
29 KB 103ms
27ms Image
image/jpeg 2a04:4e42:79::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1fefe59bd9e294c6dcd88090c2
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.d210c562.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 80aee151b667a4f7097aa886109f7fda29c987605e990b3cc5d8dceaba212356

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotifycdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Age: 453354
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 29456
X-Served-By: cache-chi-kigq8000152-CHI, cache-iad-kcgs7200155-IAD
Last-Modified: Tue, 01 Feb 2022 19:02:38 GMT
ETag: "65a2b1e51edce3aa65f11493e07bf9b5"
x-goog-generation: 1643742158862447
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
x-goog-stored-content-length: 29456
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK CircularSpUIv3T-Book.3466e0ec.woff2
open.spotifycdn.com/cdn/fonts/ Frame E67A 67 KB
68 KB 23ms
23ms Font
application/octet-stream 2a04:4e42:78::761
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/fonts/CircularSpUIv3T-Book.3466e0ec.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:78::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Last-Modified: Mon, 13 Jun 2022 14:00:42 GMT
Age: 2972957
ETag: "6ff898ba447ac00bc6e457d25bcb0be8"
X-Served-By: cache-ord1720-ORD, cache-chi-kigq8000115-CHI, cache-iad-kjyo7100088-IAD
X-Cache: MISS, HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68852
X-Cache-Hits: 0, 34862, 170955

GET
H2 200 / Show response
apresolve.spotify.com/ Frame E67A 273 B
266 B 65ms
38ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 572e45ffb3b2f708df277ea480b5f02534708944552cbd69cec288ef07c15793

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
via: 1.1 google

GET
H3 200 dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2... Show response
adservice.google.ca/ddm/fls/i/ Frame 5392 194 B
199 B 105ms
50ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/ddm/fls/i/dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNCSzpmPgfkCFdsGaAgdlfAK9w;src=10648187;type=heins0;cat=00-fl0;ord=7107307131334;gtm=2wg7d0;auiddc=1937092671.1658101975;u1=https%3A%2F%2Fus.heinsohn.co%2F;u5=us.heinsohn.co;~oref=https%3A%2F%2Fus.heinsohn.co%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:55 GMT
expires: Sun, 17 Jul 2022 23:52:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 9804
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDA3NDY3NTc1Nzc5&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJwJ34OEEASxAmRkD5_4bdk&google_cver=1

42 B
1005 B

304ms
242ms

Image
image/gif

199.38.167.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJwJ34OEEASxAmRkD5_4bdk&google_cver=1
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Server: 199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJwJ34OEEASxAmRkD5_4bdk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9804
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=978477407467575779
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477407467575779

43 B
1 KB

240ms
239ms

Image
image/gif

68.67.181.207
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477407467575779

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

HTTP/1.1

Server

68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Jul 2022 23:52:55 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 63a7f473-458c-485e-8ade-9eedb82a064d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Jul 2022 23:52:55 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9c087946-5b98-414e-a8bd-170282f9429b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477407467575779
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9804 42 B
743 B 241ms
26ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=978477407467575779&
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9804
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=978477407467575779&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477407467575779&redir=

42 B
941 B

38ms
38ms

Image
image/gif

52.45.73.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477407467575779&redir=

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

HTTP/1.1

Server

52.45.73.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-73-214.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v036-01a463fb8.edge-va6.demdex.com 12 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fyQPxQjWQfk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v036-0dcdebf98.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Y9+a/FIBTPQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477407467575779&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 9804
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=978477407467575779&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=978477407467575779&bid=omt9pi0

70 B
440 B

25ms
25ms

Image
image/gif

34.231.251.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=978477407467575779&bid=omt9pi0
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Server: 34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-251-31.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=978477407467575779&bid=omt9pi0
Date: Sun, 17 Jul 2022 23:52:55 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9804 45 B
616 B 134ms
46ms Image
image/gif 184.29.128.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=978477407467575779

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-128-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sun, 17 Jul 2022 23:52:55 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 17 Jul 2022 23:52:55 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 9804 0
105 B 171ms
26ms Image
text/plain 34.193.150.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.150.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-150-192.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 9804
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477407467575779&referrer=https%3A%2F%2Fus.heinsohn.co%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=55c38e18-2712-44e1-afe1-71f59a4be28e%3A1658101975.7074513&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D55c38e18-2712-44e1-afe1-71f59a4...
https://idsync.rlcdn.com/501709.gif?partner_uid=55c38e18-2712-44e1-afe1-71f59a4be28e%3A1658101975.7074513
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGT9QT_4LsmH-CTQ71vR7FA&google_cver=1

42 B
60 B

42ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGT9QT_4LsmH-CTQ71vR7FA&google_cver=1
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 23:52:56 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGT9QT_4LsmH-CTQ71vR7FA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9804 43 B
109 B 359ms
64ms Image
image/gif 34.206.157.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=978477407467575779
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.157.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-157-2.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9804
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477407467575779&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477407467575779&forward=&C=1

43 B
945 B

92ms
72ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477407467575779&forward=&C=1
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72c6e4e43adea1ec-YYZ
pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2q4qvXp%2BFMt2Vt%2BVQwcqOAO1hFJtmZdvjRvq0eFXn%2FyDoAORqadd%2F5CO6Vx0KS3j3rTY0tffRzCpTi8uYoY7HoMWIrxfp5qgckS0lzadnMQZt8cBO%2F6bvEZpw3YZfGBstofUizV9Y05Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyNzQTNuhTJVvE%2Bxdut%2FgdViEGg5TrXPJzD2tmQCh2fLN47F05oUvmaso0LelogsMlIoYcg0Wf56LXu%2BPlEPPWwYom4nEf4Tz6vfep61ouSjpLZbgNT4NmIYV5GgKHZHn5R9zF4sYhHEug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=978477407467575779&forward=&C=1
cache-control: no-cache
cf-ray: 72c6e4e3bbe2546d-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 9804 42 B
450 B 82ms
41ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=978477407467575779
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 23:52:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9804 43 B
191 B 168ms
95ms Image
image/gif 184.50.205.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=978477407467575779

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-50-205-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 17 Jul 2022 23:52:55 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9804
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477407467575779&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477407467575779&img=1&__user_check__=1&sync_id=9436ea38-062b-11ed-b8ee-12f1e0b20203

43 B
549 B

38ms
37ms

Image
image/gif

192.35.249.127
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477407467575779&img=1&__user_check__=1&sync_id=9436ea38-062b-11ed-b8ee-12f1e0b20203
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Server: 192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 397
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=978477407467575779&img=1&__user_check__=1&sync_id=9436ea38-062b-11ed-b8ee-12f1e0b20203
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 393
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9804 43 B
183 B 83ms
23ms Image
image/gif 2600:1f18:612b:4216:68f0:5178:951f:deb4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=978477407467575779&r=-cwZBhAmPI5h
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 9804 43 B
532 B 103ms
26ms Image
image/gif 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=978477407467575779
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: ehLfuCuDrVpLfMu2o63OQ7oUMjhw0AuWguo0bwJu6U_rl1wpI23vTQ==
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9804 0
338 B 97ms
25ms Image
text/plain 18.208.27.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=978477407467575779
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.27.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-27-160.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1658101975
x-served-by: beacon-n025-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 9804
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=978477407467575779&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477407467575779&expires=30

43 B
510 B

36ms
36ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477407467575779&expires=30
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477407467575779&expires=30
Date: Sun, 17 Jul 2022 23:52:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9804
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YtSg1wAQ7f8ZzwAj
https://p.rfihub.com/cm?in=1&pub=21653&userid=YtSg1wAQ7f8ZzwAj&_test=YtSg1wAQ7f8ZzwAj

42 B
1 KB

20ms
19ms

Image
image/gif

199.38.167.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YtSg1wAQ7f8ZzwAj&_test=YtSg1wAQ7f8ZzwAj
Requested by: Host: us.heinsohn.co
URL: https://us.heinsohn.co/
Protocol: HTTP/1.1
Server: 199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20838706p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 23:52:55 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 23:52:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1658101976.971121,VS0,VE0
x-served-by: cache-yul12824-YUL
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YtSg1wAQ7f8ZzwAj&_test=YtSg1wAQ7f8ZzwAj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 759A 42 KB
22 KB 71ms
70ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&co=aHR0cHM6Ly91cy5oZWluc29obi5jbzo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=scupma72ptmo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

505df3d3b5e8ec9d64a516f1bd5ac08d970a601750f9d63d16740c3034150af3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kAjwONwJUVxaToIB1MIo-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.heinsohn.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22123
content-security-policy: script-src 'report-sample' 'nonce-kAjwONwJUVxaToIB1MIo-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 65ms
21ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%2C400%7CMontserrat:700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://us.heinsohn.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:32:09 GMT
x-content-type-options: nosniff
age: 361246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:32:09 GMT

POST
H3 200 events Show response
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame E67A 13 B
61 B 135ms
115ms Fetch
application/json 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Sun, 17 Jul 2022 23:52:55 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

POST
H3 200 events Show response
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame E67A 13 B
61 B 182ms
164ms Fetch
application/json 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Sun, 17 Jul 2022 23:52:55 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H2 200 events
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 72ms
44ms Preflight 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Jul 2022 23:52:55 GMT
server: envoy
strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

OPTIONS
H2 200 events
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 72ms
44ms Preflight 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Jul 2022 23:52:55 GMT
server: envoy
strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

GET
H3 200 get_access_token Show response
open.spotify.com/ Frame E67A 220 B
234 B 122ms
118ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/get_access_token?reason=transport&productType=embed

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

031b01f2b080307677a06716928a4bc3defe1d47dd840b16abe46a9c8f6db273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sp-trace-id: fd6bc8b4d2c93a0d
date: Sun, 17 Jul 2022 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: HTTP/2 edgeproxy, 1.1 google
vary: Accept-Encoding,Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 759A 51 KB
24 KB 365ms
21ms Stylesheet
text/css 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&co=aHR0cHM6Ly91cy5oZWluc29obi5jbzo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=scupma72ptmo

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 06:08:10 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 759A 362 KB
143 KB 363ms
21ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 19:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146545
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 19:31:45 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CBB5 0
18 B 70ms
44ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: us.heinsohn.co
URL: https://us.heinsohn.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://us.heinsohn.co
Referer: https://us.heinsohn.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://us.heinsohn.co
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 23:52:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 events Show response
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame E67A 13 B
61 B 92ms
92ms Fetch
application/json 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Sun, 17 Jul 2022 23:52:55 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H3 200 events
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 43ms
43ms Preflight 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Jul 2022 23:52:55 GMT
server: envoy
strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 759A 2 KB
2 KB 21ms
20ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 10:24:08 GMT
x-content-type-options: nosniff
age: 48528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 24 Jul 2022 10:24:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 759A 15 KB
15 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 460385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 759A 15 KB
15 KB 23ms
23ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 05:01:07 GMT
x-content-type-options: nosniff
age: 499909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 05:01:07 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 759A 102 B
132 B 39ms
38ms Other
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

345a8c055a29d5418818ddef9e55c9f8017a3c0a7578849e889658e0f015abc4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&co=aHR0cHM6Ly91cy5oZWluc29obi5jbzo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=scupma72ptmo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 23:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Sun, 17 Jul 2022 23:52:56 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=526286823&t=timing&_s=2&dl=https%3A%2F%2Fus.heinsohn.co%2F&ul=en-us&de=UTF-8&dt=Business%20Technology%20Company%3A%20Agile%2C%20Robust%2C%20Scalable%20%7C%20Heinsohn%20Corp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3120&pdt=24&dns=15&rrt=0&srt=342&tcp=53&dit=1577&clt=1586&_gst=1265&_gbt=1394&_cst=967&_cbt=1217&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1373122687.1658101975&tid=UA-93355158-2&_gid=1026779557.1658101975&gtm=2wg7d0KVXMP69&z=1770214575

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 17:30:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22954
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=526286823&t=event&ni=0&_s=1&dl=https%3A%2F%2Fus.heinsohn.co%2F&ul=en-us&de=UTF-8&dt=Business%20Technology%20Company%3A%20Agile%2C%20Robust%2C%20Scalable%20%7C%20Heinsohn%20Corp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1373122687.1658101975&tid=UA-93355158-2&_gid=1026779557.1658101975&gtm=2wg7d0KVXMP69&z=1637444797

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us.heinsohn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 17:30:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22954
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 759A 32 KB
18 KB 78ms
78ms XHR
application/json 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

998773e0589951306e3bc9e176ca219b6d25bc047c6d8c28cba58d668da1f560

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIkBweAAAAALwZTfo6wH328GmhBRWyD6pJ4KQy&co=aHR0cHM6Ly91cy5oZWluc29obi5jbzo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=scupma72ptmo
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 17 Jul 2022 23:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18564
x-xss-protection: 1; mode=block
expires: Sun, 17 Jul 2022 23:52:56 GMT

POST
H3 200 events Show response
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame E67A 13 B
61 B 123ms
123ms Fetch
application/json 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Sun, 17 Jul 2022 23:52:59 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

POST
H3 200 events Show response
guc3-spclient.spotify.com/gabo-receiver-service/v3/ Frame E67A 258 B
122 B 157ms
157ms Fetch
application/json 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.eb3b5698.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

d26dcfc74ba95a5e81476ccc3b3dd3cd99c8dc9b6b1492fdd6b56cfefb89cc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://open.spotify.com/
accept-language: en-CA,en;q=0.9
authorization: Bearer BQDdAERnaSDBT8HJgHmBCFaDe9g-iQKF9YDxZxwkkRVtPjGLD_6LenPLHVSqcDE23l_Xi_hwaBaNy_7SW2wrxBnT7-CxllCrgxRpUHGd2Pj4mDgwChM
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Sun, 17 Jul 2022 23:52:59 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H3 200 events
guc3-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 44ms
44ms Preflight 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Jul 2022 23:52:59 GMT
server: envoy
strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

OPTIONS
H3 200 events
guc3-spclient.spotify.com/gabo-receiver-service/v3/ Frame 0
0 47ms
47ms Preflight 2600:1901:1:e71::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://guc3-spclient.spotify.com/gabo-receiver-service/v3/events

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:e71:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Jul 2022 23:52:59 GMT
server: envoy
strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:54:13	Name: _GRECAPTCHA Value: 09AJ0K9lIXyOFcDQmHE6qtrV6Foxy0YGrBeru67kAW9hItcIHrlXNLNyJXhKTaGkTOdzx3EaPKDxtZGSFaBI9D2_I
.heinsohn.co/	1970-01-20 06:44:37	Name: _gcl_au Value: 1.1.1937092671.1658101975
.unsplash.com/	1970-01-20 13:20:37	Name: ugid Value: 774545ead7c73ff91112d4d23e57cd135527006
.spotify.com/	1970-01-20 13:20:37	Name: sp_t Value: 9f5a03fbf9f9e55d65816a28b675def8
.spotify.com/	1970-01-20 04:36:28	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F1QTE55dYHBm9S7j7R1UBtz%3Fsp_cid%3D9f5a03fbf9f9e55d65816a28b675def8%26device%3Ddesktop%26utm_source%3Dgenerator
.heinsohn.co/	1970-01-20 22:06:13	Name: _ga Value: GA1.2.1373122687.1658101975
.heinsohn.co/	1970-01-20 04:36:28	Name: _gid Value: GA1.2.1026779557.1658101975
.heinsohn.co/	1970-01-20 04:35:02	Name: _gat_UA-93355158-2 Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNzEzNwVCc0shPkPdQuMcz8QCw7TKyrQgAKPkQgckAAAA
.rfihub.com/	1970-01-20 13:56:37	Name: rud Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNzEzNwVCc0shPkPdQuMcz8QCw7TKyrQgAKPkQgckAAAA
.heinsohn.co/	1970-01-20 06:44:37	Name: _fbp Value: fb.1.1658101975345.1574997621
.facebook.com/	1970-01-20 06:44:37	Name: fr Value: 07DGvqdjKKEbGf9ai..Bi1KDX...1.0.Bi1KDX.
.adnxs.com/	1970-01-20 06:44:37	Name: uuid2 Value: 2517262405980700096
.doubleclick.net/	1970-01-20 22:06:13	Name: IDE Value: AHWqTUnWYJLXsr2QoN3bnNFsq9XVcfye2EmXdezaKl03T4T75hpX9N-D2mRFaWwLmDg
.demdex.net/	1970-01-20 08:54:13	Name: demdex Value: 12997621673880635581308157322886918379
.casalemedia.com/	1970-01-20 13:20:37	Name: CMID Value: YtSg16CwbZWQ5DwqmXZvegAA
.casalemedia.com/	1970-01-20 06:44:37	Name: CMPS Value: 478
.casalemedia.com/	1970-01-20 06:44:37	Name: CMPRO Value: 478
.media.net/	1970-01-20 13:20:37	Name: visitor-id Value: 3011035751454982000V10
.media.net/	1970-01-20 13:19:11	Name: data-rk Value: 978477407467575779~~3
.dpm.demdex.net/	1970-01-20 08:54:13	Name: dpm Value: 12997621673880635581308157322886918379
.rezync.com/	1970-01-20 13:56:12	Name: zync-uuid Value: 55c38e18-2712-44e1-afe1-71f59a4be28e:1658101975.7074513
live.rezync.com/	1970-01-20 13:56:37	Name: sd-session-id Value: .eJwNjNEKgzAMRf8lz3aYmpi0PyPVRSib3bDuZeK_Wy4cOHC4J0xf27dUrBwQj_1nHSzv3KxCPKHm_2YviBBESYR6oVG4TQJcHVSrNX_KlJ8tYV4GNVTnBb0jMnRpbRBcOSSazatFHFmxxyD8kHbGOMB1A4y-JVs.YtSg1w.ckGZjtPzVIRtS2nla-vJGhpeTEQ
.casalemedia.com/	1970-01-20 06:44:37	Name: CMTS Value: 182
.rubiconproject.com/	1970-01-20 13:20:37	Name: khaos Value: L5PZ3SO9-1T-JICQ
.rubiconproject.com/	1970-01-20 13:20:37	Name: audit Value: 1\|ZAAuKA/mN/DzF2MznCk8eYYOQUpFlcfzzNSZzo6DtWIeECEUBMheiopad/csI5drMXc5ye+SrQEwHTRO1/p4iHtpUhum9g902C0P9eFnaL7WsSZQ5MMh+XQdCxLjwSUCUEoVOj8v+unQlB03aSVaYn0Dfo43Aqo9
.eyeota.net/	1970-01-20 13:20:37	Name: mako_uid Value: 1820e944aeb-16de0000010a4b89
.eyeota.net/	1970-01-20 04:35:02	Name: SERVERID Value: 19337~DM
.ws.zoominfo.com/	1970-01-20 13:20:37	Name: visitorId Value: 3ab9e105f136c7c5c901a6a9f739e2356dd26ce176669b3245a4d8ff38e8bd43
.spotxchange.com/	1970-01-20 05:15:21	Name: audience Value: 9436e9de-062b-11ed-b8ee-12f1e0b20203
.krxd.net/	1970-01-20 08:54:13	Name: _kuid_ Value: O9qhcyl3
.adnxs.com/	1970-01-20 06:44:37	Name: anj Value: dTM7k!M4/YDYRWSF']wIg2GUkL3NOV!@wnfH8K'E.xp/UE</unD[%)rCzFJhHD5)_U6/^OCGNpad'AFsd/2)Ld$SO8)gE7d
.rlcdn.com/	1970-01-20 06:01:25	Name: pxrc Value: CNfB0pYGEgYIuuoBEAA=
.everesttech.net/	1970-01-20 13:20:37	Name: everest_g_v2 Value: g_surferid~YtSg1wAQ7f8ZzwAj
.bidswitch.net/	1970-01-20 13:20:37	Name: tuuid Value: aa665926-08b0-4f55-9f91-030553ac44a9
.bidswitch.net/	1970-01-20 13:20:37	Name: c Value: 1658101975
.rfihub.com/	1970-01-20 13:56:37	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129Sr3Mjbxd3V1DK5wzA3KdjGNN0lKyQ7iNTQztTA0MLQ0N7U0M5rFiOCbWJhZrELjn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-FxDc1MzFbxCoQWRKcbljuGGieZhFVVe6YtYoV2cuWxptY0azgRvMSGn-RMCr_ERofAAXTKY1wAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129Sr3Mjbxd3V1DK5wzA3KdjGNN0lKyV7FKBBZEpxuWO4YaJ5mEVVV7pgFAPi6A1QxAAAA
.bidswitch.net/	1970-01-20 13:20:37	Name: tuuid_lu Value: 1658101976
.rlcdn.com/	1970-01-20 13:20:37	Name: rlas3 Value: chiEIC6Z0KRa7PCpmNw+TEHQ9GRlIk51chXxKsiDDOA=
.us.heinsohn.co/	1970-01-20 22:06:13	Name: _ga Value: GA1.3.1373122687.1658101975
.us.heinsohn.co/	1970-01-20 04:36:28	Name: _gid Value: GA1.3.1026779557.1658101975

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://us.heinsohn.co/(Line 871) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://open.spotifycdn.com/cdn/build/embed/embed.f46cde3d.js Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
javascript	warning	URL: https://open.spotify.com/embed-podcast/episode/1QTE55dYHBm9S7j7R1UBtz?utm_source=generator Message: The resource https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10648187.fls.doubleclick.net
20838706p.rfihub.com
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
adservice.google.ca
adservice.google.com
apresolve.spotify.com
assets.calendly.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
guc3-spclient.spotify.com
i.scdn.co
ib.adnxs.com
idsync.rlcdn.com
images.unsplash.com
live.rezync.com
o22381.ingest.sentry.io
open.spotify.com
open.spotifycdn.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
s.w.org
source.unsplash.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us.heinsohn.co
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.rtb123.com
x.bidswitch.net
x.dlx.addthis.com
104.18.18.126
13.225.214.117
13.225.63.53
142.251.40.130
142.251.40.166
151.101.130.49
18.208.27.160
184.29.128.24
184.50.205.90
192.0.77.48
192.124.249.54
192.35.249.127
199.38.167.128
2600:1901:0:524d::
2600:1901:1:c36::
2600:1901:1:e71::
2600:1f18:612b:4216:68f0:5178:951f:deb4
2600:9000:21da:1200:1:76cf:fe80:93a1
2606:4700:3108::ac42:2928
2606:4700::6810:650c
2606:4700::6811:180e
2607:f8b0:4004:c07::9d
2607:f8b0:4006:809::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2003
2607:f8b0:4006:816::2003
2607:f8b0:4006:81c::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2002
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:78::720
2a04:4e42:78::761
2a04:4e42:79::760
3.220.57.224
34.120.195.249
34.193.150.192
34.206.157.2
34.231.251.31
35.190.60.146
35.211.178.172
52.45.73.214
67.225.220.126
68.67.181.207
69.173.151.100
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02a135d7c0493042acaef8ee913a9f30cdaec8b30b33f85f8e5c11d7651990ee
031b01f2b080307677a06716928a4bc3defe1d47dd840b16abe46a9c8f6db273
033cd21c76b84dd9c7a829c835a65d0980c0299f957c95760b686dbecd0b5b6d
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
073c0654ffc5160e56260a8ca8376a10a7fd0a6dde4f8c87bb8122689bb11b4d
0b9ab1494c5b514e4181ff0e409fd92a0693a0d99b58a4aac0c54a6a2da5923f
0ce8d813e9fed42454cc32f01212a0daa714d2a07e1ebed09a1125d8ea7063c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1324a06a3a4e142ab8add34477b0309b68ef7b7a699540a7791bbbe929f7c0a9
1569cc17e59582d682f33021f1a3e4e057d8d8681701ada555817418b6ba1eb9
16d91eb3fa3055024633cc703baeda0d781dea6911bada0accaee4a06667aaff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47
201f4ee6ba201031c8fb375f9ae50bc019bdc6928b47b6a575158e8329b10499
235eb9405c6dadf6c4797cf545460e8862486aa4dbbc10a95d35625c7a3032f9
2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf
26fb20d500ab08cc4813f07383abf26b5ce4e6498af7a8f7b919153515320d9f
2790b050d606c7dca2f55a16934045dbadce10b36475968dbc876e9013424335
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
29ef54313b40bd9674118b386ec8d3d6d47edb6de74d80deac2248467be65b57
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ec568571bd8ddabaf3c32ddfaeef6f09960f974f1d92ff02bc2482184e49c5f
2f99409d72075c8d0360b2631e86a7be4a07b89f9413e98dd41738ff2c4b536e
3197aac97a53e40ef78620f54b23651684b8cfef7580e2c23e6a41c1d4b51f43
3289fbdc75b9a7527d14476f224ff3d6a61dbdb1fc689eea3b88823c4751f632
345a8c055a29d5418818ddef9e55c9f8017a3c0a7578849e889658e0f015abc4
3499f1ad0e2c520c1fbfe48d698b74e3ca56b22053d75496d89c0bc06aab2deb
36968efa19d84f3f4562dd3e37434c1f369458faf510571c4dc6ecbb3bb44902
36c3de98498765c79a2bc5b949ac6f2d3618d1783c71edfd18b835b99a9d39da
3a3ce7609d7e66e849f48191c94919697ad3f8f70c3ebde6a3e48949b8a05b27
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3f5e5f87d7dc1a58e914cdd7a2309fcd3661e4525ad0dc002dbca1d1da5a0786
3f9c96f48441fd2b07a1404841fa1f8ac21f3155e61dd54506ed27732786c786
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
4c530330035c9f156b98d18b6f725061a87f5ea7ee594a92e6db751799d65e3c
4d68109546b110ef49636e8054d0d28949f2a090ee4c4f967ea89e411356c467
505df3d3b5e8ec9d64a516f1bd5ac08d970a601750f9d63d16740c3034150af3
51e2fef0d40e12d3e0f6f47a8fd0368a7b55c4696ec24139bfe08645e6770aa2
52ef65da1e8d36e73f035067f581c050d485535910210b8d3242005b00ea0ddf
53022b9d197e47372ac23d04e60c0a1c80c76e5e405d915712f0d607be21bebf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f372831240728d0e9110515af0b274e10a66c9d68d7a2d864d6aaa547cff5a
572e45ffb3b2f708df277ea480b5f02534708944552cbd69cec288ef07c15793
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60872361dc2b5e6238d5eeac94547c3fb5771393dcfd341c64d2ead3cbec15d3
65fbc3f5897126c9efc7b6902a7edf7e5d2882aaeea36118b8d897e60f9d9444
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6d42e4ebfebeaa173c2e690f82406fcf20ec5db30acd069789daebb9570339d5
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6eba7ed8e0d2585eb33a250d85cf2dd0cc88dfee7b7d07c724442adf6ef24aff
6fbb2db35a2e86d99c2385d4bc9a06517afdfe8f5bd2aedebb1dc3dff356ea30
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
770c603c0ac0aa39e1c197f24266cb2c7b1e8675576c644f74177abc062d3e91
773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900
78d7ebc4dae44f3ed525a43252ee2c170a93fb4c9a83816b77d51c75fdd47871
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
80aee151b667a4f7097aa886109f7fda29c987605e990b3cc5d8dceaba212356
81e590de3259828c8458f3e9748a95e8e6de347992c3f00a9eb8f798b511434f
81ff08960b407fde4ee478cf9e8804ca6daf5491d65932f255e24babed80d14b
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87277d883084e208520b733ec54222e5f0a245093ff50240d398f1e90f343d32
897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
939ce3ebed7e1b0fdb67ffe8e8b8a6ccb7263dba2295c285d681878a4a81797a
95575e5851789d6def2c508c3a8563853c005deb31d7b5185b83e5d13bcb2080
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
998773e0589951306e3bc9e176ca219b6d25bc047c6d8c28cba58d668da1f560
9b389d7f455f9d50367741b3b34481e4cf95b9f6d4f23a4d3afe30f71d0ca884
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
a5551637be40a0750d0ddce0a4115e3603bd798b2f81eac22e60e67640a0452e
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a6964d59b534e0e2365b35df4693a998693291cd275a433a260bf53eb2557ac4
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a963f0291dd11d7fa6d5a79c342daeed2f6360cfa179715aa197a208d61a6627
a9d2bd2d90cbbedd8ea3df2e4245824c56ed26823c9abe4b1062af79f853b6a6
aa967f4f13b131054f35e3c74575d98dbe96929f3a102123207493dd7af9cdcb
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b0a357fa41dbc676d3dd1c0675551167d033402e28915848a62f6eaee7fb0a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c038ca53e8ede27d00975dcc66bb4d0250c2ff45e999b235c147d712b9c26835
c682502bdd9d75ab27160338a8acdbc9d1fe1587ab08e5d8bc04d785c3e65745
c6cd22a13d745ecbf7db7cbb8a51b5e3fb389f644469b930787416b45ee7ad30
c7a68666631143fb3a0b04dde2eb3b745f453378dfe995b2179ed3c9e6a61306
ccba2fd11afeb14fb54e741f6c003f2a12f995ceeecc606c5a2d4153a9220878
ce97f53f41ccef2e3da32e43ffacb367409fbd707f975ca7747a793a5d961720
cf4644a406f9b1adfdcd89753755095f537d900bda5d4727b7558444b962fb2a
d16c6e011d7e40022308526c475b5d017458c2e408d7429d46aee164d7396f93
d26dcfc74ba95a5e81476ccc3b3dd3cd99c8dc9b6b1492fdd6b56cfefb89cc80
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d98f979b003771153e700a451fc7a2c192bc596571db2b31a8d0b927e4e6ea46
d9ead9933166ba45a81c3e8e3ef3e3dc95261b583f6a500705396300095075d9
da7a14ab58198ca238c7721c733d13e1ee6e7308d900bf96ef6d9da0c944ad2d
dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
dd6ec59ab60677bf6b5a89bb79630f342a39b4919b4582c74043a705e6d98640
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ea2bad93d2add75de9adfafc8705c838f4e48c98d4ddf378cc44644b7fa8a182
eab007b887d70722ac2232014f1085551e3d262da75db00a05952d529872bfa8
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f6554c239e5bb8964ccd6bb817053c286dc49c144faf148a663aadaa681306ed
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb63254083f94861e0b6ffb524fd3db0c3538d081c619185134dde0ca7b8c648
fdd138740f41055507d1145a8b2f2f8aa75dd3941ef48bd4caf128c8f6e4e2c0

us.heinsohn.co Open in urlscan Pro 192.124.249.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

169 Requests

93 %HTTPS

50 %IPv6

39 Domains

50 Subdomains

44 IPs

3 Countries

4513 kBTransfer

11077 kBSize

42 Cookies

3 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us.heinsohn.co Open in urlscan Pro
192.124.249.54 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

93 %
HTTPS

50 %
IPv6

39
Domains

50
Subdomains

44
IPs

3
Countries

4513 kB
Transfer

11077 kB
Size

42
Cookies

169 HTTP transactions
0 data transactions