www.heinz.com Open in urlscan Pro
34.111.11.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://khparis2024.ca/
Effective URL:
https://www.heinz.com/en-CA
Submission: On May 30 via api (May 30th 2024, 10:57:30 am UTC) from US — Scanned from CA

Summary HTTP 72 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 72 HTTP transactions. The main IP is 34.111.11.8, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.heinz.com. The Cisco Umbrella rank of the primary domain is 182136.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 25th 2023. Valid for: a year.

This is the only time www.heinz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.49.92.71 34.49.92.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 27	34.111.11.8 34.111.11.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6810:291c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:11::17cd:6b48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2600:1408:c40... 2600:1408:c400:397::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:176b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	173.223.163.208 173.223.163.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.46.156.139 23.46.156.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::67	15169 (GOOGLE) (GOOGLE)
5	173.223.163.209 173.223.163.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
72	14

1 34.49.92.71 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.92.49.34.bc.googleusercontent.com

khparis2024.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 34.111.11.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.11.111.34.bc.googleusercontent.com

www.heinz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:291c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:11::17cd:6b48 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.allotta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1408:c400:397::523 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504005838045184.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:176b (United States)

ASN13335 (CLOUDFLARENET, US)

experience.ninetailed.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.163.208 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-208.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.46.156.139 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-139.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.223.163.209 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-209.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	heinz.com 1 redirects www.heinz.com — Cisco Umbrella Rank: 182136	2 MB
14	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5661 geolocation.onetrust.com — Cisco Umbrella Rank: 533	234 KB
10	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2449	362 KB
6	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 4011	5 KB
6	fonts.net cdn.fonts.net — Cisco Umbrella Rank: 16142	160 KB
3	ttwstatic.com sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7390	22 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	89 KB
1	ninetailed.co experience.ninetailed.co — Cisco Umbrella Rank: 51379	2 KB
1	gstatic.com www.gstatic.com	207 KB
1	allotta.io cdn.allotta.io — Cisco Umbrella Rank: 174451
1	sentry.io o4504005838045184.ingest.sentry.io — Cisco Umbrella Rank: 101238 Failed	67 B
1	khparis2024.ca 1 redirects khparis2024.ca	134 B
72	13

	Domain	Requested by
27	www.heinz.com	1 redirects www.heinz.com
13	cdn-ukwest.onetrust.com	www.heinz.com cdn-ukwest.onetrust.com
10	res.cloudinary.com	www.heinz.com
6	www.tiktok.com	1 redirects sf16-website-login.neutral.ttwstatic.com
6	cdn.fonts.net	www.heinz.com cdn.fonts.net
3	sf16-website-login.neutral.ttwstatic.com	www.heinz.com www.tiktok.com
2	www.google.com	www.heinz.com www.gstatic.com
1	www.googletagmanager.com	www.heinz.com
1	experience.ninetailed.co	www.heinz.com
1	geolocation.onetrust.com	www.heinz.com
1	www.gstatic.com	www.google.com
1	cdn.allotta.io	www.heinz.com
1	o4504005838045184.ingest.sentry.io	www.heinz.com
1	khparis2024.ca	1 redirects
72	14

This site contains links to these domains. Also see Links.

Domain
www.tiktok.com
www.instagram.com
www.youtube.com
www.facebook.com
www.kraftcanada.ca
www.myfoodandfamily.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.heinz.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-25` - `2024-09-24`	a year	crt.sh
fonts.net GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
onetrust.com E1	`2024-05-16` - `2024-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
s7-sni.cloudinary.com R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ninetailed.co E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.www.tiktok.com RapidSSL ECC CA 2018	`2023-11-09` - `2024-12-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.heinz.com/en-CA
Frame ID: 0D54B60466F9B9D317F078FBA72BB2ED
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&co=aHR0cHM6Ly93d3cuaGVpbnouY29tOjQ0Mw..&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=bnivfmti0wol
Frame ID: 6F6C254BF934FF80A52AC68256932FF4
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7064265650105224454?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: 93A3BF5705786FFA3B549E6BA8662BDE
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7138492977277717765?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: A164509C6D5AFD0F41675526C78F3D16
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7121772773936008453?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: 13E02584A6AFC71A558DC6AE876738A7
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7116930278274223365?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: D56B119E9B9C20F110AF0838DAAFE5C3
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7029744641691962630?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA
Frame ID: D7FC0011546A759772953D45F4E02E3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heinz Official Site - Heinz® Canada | Heinz

Page URL History Show full URLs

https://khparis2024.ca/ HTTP 301
https://www.heinz.com/ HTTP 307
https://www.heinz.com/en-CA Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

72
Requests

97 %
HTTPS

60 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

2647 kB
Transfer

12579 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tiktok.com/@heinz_ca

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heinz_ca/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCohNgWhRN9XWRxCJ0BbaQ8Q

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeinzCA/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heinz_ca/video/7116930278274223365?is_copy_url=1&is_from_webapp=v1&lang=en
Title: .rsme-spinner { border: 3px solid rgba(0,0,0,0.75); border-right-color: transparent; border-radius: 50%; animation: rsme-spin 1s linear infinite; } @keyframes rsme-spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } View post on TikTok

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heinz_ca/video/7029744641691962630?is_copy_url=1&is_from_webapp=v1&lang=en
Title: .rsme-spinner { border: 3px solid rgba(0,0,0,0.75); border-right-color: transparent; border-radius: 50%; animation: rsme-spin 1s linear infinite; } @keyframes rsme-spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } View post on TikTok

Search URL Search Domain Scan URL

URL: https://www.kraftcanada.ca/contact_us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.myfoodandfamily.com/privacynotice
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://khparis2024.ca/ HTTP 301
https://www.heinz.com/ HTTP 307
https://www.heinz.com/en-CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.tiktok.com/embed.js HTTP 302
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en-CA Show response
www.heinz.com/
Redirect Chain

https://khparis2024.ca/
https://www.heinz.com/
https://www.heinz.com/en-CA

728 KB
64 KB

1110ms
1109ms

Document
text/html

34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

Google Frontend / Next.js

Resource Hash

6f8fb4887cd20e2e49296175a35184411ef8e70270be255942d2742aaba4c6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=300
content-encoding: gzip
content-language: en
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:22 GMT
etag: "c2xnopd9dzfz0p"
server: Google Frontend
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
via: 1.1 google
x-cache-hit: miss
x-powered-by: Next.js

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language: en
content-length: 6
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html
date: Thu, 30 May 2024 10:57:21 GMT
location: /en-CA
server: Google Frontend
strict-transport-security: max-age=31536000; preload
via: 1.1 google
x-cache-hit: miss
x-cloud-trace-context: f11a17c2a491341784f3bf6b31a88db2

GET
H2 200 335655b0-0dd3-11ed-9831-02c6998740a0.css
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/ 3 KB
1 KB 515ms
173ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/en-CA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2667e888219b42f87e7546d948de2f36c942fbedd4ca96ae5c52ddd51565d50d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:22 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: D3STSSVAP2ZTZTPM
age: 3663
x-amz-server-side-encryption: AES256
x-amz-id-2: TaWIIkjYuii67shvkYBwXmaMmi0rKQbyvdxcD0l+AH7AKLYaGTVZmOtOkCtoXtFZXX3GFPLH89AliXN7yJOrfA==
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: W/"b74d633881cc782b956dc22fa707fa02"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 88be33f5ece6ac4c-YYZ
expires: Thu, 30 May 2024 11:02:22 GMT

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 477ms
127ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:22 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 72954
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:27 GMT
server: cloudflare
etag: 0x8DC744C2B5CAB65
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d06f667-f01e-0011-20d5-a6cd47000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33f5fddd54a3-YYZ
expires: Fri, 31 May 2024 10:57:22 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 543ms
126ms Script
text/javascript 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a14daf0e8fc4d267857209122973a1315ef55e5a63b7c37f4de4bc13440d94ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 30 May 2024 10:57:22 GMT

GET
H3 200 a44e6514564f8995.css
www.heinz.com/_next/static/css/ 154 KB
27 KB 74ms
74ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/a44e6514564f8995.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8bead6cb10b571515221113acc548604150facfb54cefcf9d78fe00132fbff43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3206
x-guploader-uploadid: ABPtcPoCgHgl7FxodUPDONtYzlSIasGTA5qwRx1qk3HruRfIhpLOi_bIrRI9WT8s-5tsRwE76P8mtVi1FQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27214
last-modified: Tue, 28 May 2024 15:16:36 GMT
server: UploadServer
etag: W/"d96e1e763f2c51cfe0f79dba8c347569"
vary: Accept-Encoding
x-goog-generation: 1716909396546838
x-goog-hash: crc32c=IWV0mw==, md5=2W4edj8sUc/g9526jDR1aQ==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 157333
accept-ranges: none

GET
H3 200 ad63afbf7fb7c47b.css
www.heinz.com/_next/static/css/ 5 KB
1 KB 79ms
78ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/ad63afbf7fb7c47b.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3206
x-guploader-uploadid: ABPtcPo9WaqcJBU20X49q_O1vQp1FWXITKX4NLTRT8cqR-rc-1iTjvgsLBgGAXVg3hVgII6oGiugT-0sIg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1330
last-modified: Tue, 28 May 2024 15:16:36 GMT
server: UploadServer
etag: W/"66a6d3a3e2fc1e39b3b26658d7aa94e5"
vary: Accept-Encoding
x-goog-generation: 1716909396712024
x-goog-hash: crc32c=Bt2r2w==, md5=ZqbTo+L8HjmzsmZY16qU5Q==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5629
accept-ranges: none

GET
H3 200 webpack-05260e0b6d6ef1b1.js Show response
www.heinz.com/_next/static/chunks/ 7 KB
3 KB 79ms
75ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/webpack-05260e0b6d6ef1b1.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1099dde4f8838836df082f84facf14f6a62141f53e6a9330bb082f56557b23ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3206
x-guploader-uploadid: ABPtcPrkMNezsgGJtHFd5uoesTPsTuqO9D5F60B10w4usB-tslXKNQPF-_Sl36sdKcGHr75kRfKP3wh9Gw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2662
last-modified: Tue, 28 May 2024 15:16:36 GMT
server: UploadServer
etag: W/"5b20eb794f2958b65a0a9f64133db519"
vary: Accept-Encoding
x-goog-generation: 1716909396122929
x-goog-hash: crc32c=UtCh6g==, md5=WyDreU8pWLZaCp9kEz21GQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 6907
accept-ranges: none

GET
H3 200 framework-3326cec7ef174e8e.js Show response
www.heinz.com/_next/static/chunks/ 146 KB
46 KB 85ms
80ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/framework-3326cec7ef174e8e.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4be864707ecb79ec664eec518a6655d5f9f5d9358f61e471fe4253d5eee525e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPr6ADLM_OMGP2iu6WACdX0Z8QtwNe1_vpbyNyGxvciNbLSAvRIbXsq9PmPqmyVx7CaUXfs-gXqUnw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46731
last-modified: Tue, 28 May 2024 15:16:32 GMT
server: UploadServer
etag: W/"18bd41edac97925fcce3ff1d368e7af3"
vary: Accept-Encoding
x-goog-generation: 1716909392224559
x-goog-hash: crc32c=eyUSWw==, md5=GL1B7ayXkl/M4/8dNo568w==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 149632
accept-ranges: none

GET
H3 200 main-d7646808c5d1b152.js Show response
www.heinz.com/_next/static/chunks/ 130 KB
38 KB 145ms
140ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5535c82f713014869baf5ff7fa211de341f2eae294fc05e6c6ac9786d22c6c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPr1L38xr55J2bTgxM8R3MzCLu-aP60FYZw3AmVSeQG45DyZ8cQJYLs5a89pzVcZYXMhmoDxiahJgA
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38416
last-modified: Tue, 28 May 2024 15:16:32 GMT
server: UploadServer
etag: W/"0f8ca3a6e9e1f4a7b1542203c599c150"
vary: Accept-Encoding
x-goog-generation: 1716909392418917
x-goog-hash: crc32c=lecb4Q==, md5=D4yjpunh9KexVCIDxZnBUA==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 133359
accept-ranges: none

GET
H3 200 _app-578592dbd1d973c9.js Show response
www.heinz.com/_next/static/chunks/pages/ 5 MB
1 MB 110ms
106ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ad87fd1f7567f139c188532b5b1f939098c9eaa17c1dcdee51688d515f4d41bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPqcY4L0yPS-3-AZHAUFNkJtwK4hua-i3Y-HFFRzXAPgiMFHvwUqWSDqFkYm5Wy2mtNZYLY
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 28 May 2024 15:16:33 GMT
server: UploadServer
etag: W/"2fe5e7b5ea6193682ab4e0b387987e5e"
vary: Accept-Encoding
x-goog-generation: 1716909393501247
x-goog-hash: crc32c=mPhXyg==, md5=L+Xntephk2gqtOCzh5h+Xg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 4842587
accept-ranges: none

GET
H3 200 4dd7a1cf-5efcfb6db532fdaa.js Show response
www.heinz.com/_next/static/chunks/ 592 KB
160 KB 164ms
159ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/4dd7a1cf-5efcfb6db532fdaa.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

360eea4340d428a085d4e3f949f2e40f1e613390d0568381c9f3e52453fff9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPo5rL6f9-S4hKmbsBKv-TAfijrNR90LouJwQr6hxIT03wAv84W24zglW7Ia3w4fCeI-uEeGyNl-8g
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163419
last-modified: Tue, 28 May 2024 15:16:29 GMT
server: UploadServer
etag: W/"049b7c8da542e3ecf4409f9dae84430c"
vary: Accept-Encoding
x-goog-generation: 1716909389209116
x-goog-hash: crc32c=LwoypA==, md5=BJt8jaVC4+z0QJ+droRDDA==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 606402
accept-ranges: none

GET
H3 200 2fbf9dd2-8698f4c02fd19d1b.js Show response
www.heinz.com/_next/static/chunks/ 346 KB
82 KB 182ms
178ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/2fbf9dd2-8698f4c02fd19d1b.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

21a47f7ae5f68d098c81dca6a9baeeb5e151138ec465aa06c77bca88a82b744d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPpujPzelq9V54PL25cGgdCcGTDU0C_Gc46tKGa8asuQMqHr1WnYTKhQ3-lEc99RdDfH1auZPZ5dcA
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84121
last-modified: Tue, 28 May 2024 15:16:28 GMT
server: UploadServer
etag: W/"c949502939411d3b2b2a3a2921fa6b4d"
vary: Accept-Encoding
x-goog-generation: 1716909388610965
x-goog-hash: crc32c=+CTWEw==, md5=yUlQKTlBHTsrKjopIfprTQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 354344
accept-ranges: none

GET
H3 200 187-a29faac12a5780fe.js Show response
www.heinz.com/_next/static/chunks/ 148 KB
46 KB 196ms
192ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/187-a29faac12a5780fe.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

55b6e0d71d1f5e64bc75ff097dcffd25cb0b920162213e6c9c8f3aa826885bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPrhFnjDoLJRyVA3hyvM3sr7657cxHI11DBBO9DAO4mh5EylZCy5nNqY3icmhi7sGzq4jDQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46919
last-modified: Tue, 28 May 2024 15:16:27 GMT
server: UploadServer
etag: W/"f6387be17d385f3ab79953768a95f45f"
vary: Accept-Encoding
x-goog-generation: 1716909387560985
x-goog-hash: crc32c=pYaSFg==, md5=9jh74X04Xzq3mVN2ipX0Xw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 151178
accept-ranges: none

GET
H3 200 910-06cafada630a13dd.js Show response
www.heinz.com/_next/static/chunks/ 80 KB
20 KB 203ms
200ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/910-06cafada630a13dd.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3809348bbdc8bd6743df7d45b3b05f219c4c7f72e393c260f1d585f3eedcf11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPpVXbXWc36VJJprioV5mR53Ww1vluJTdzJZm7O2zkpIflzhKTehgAKMhc5obvya3QQZHSC0vPDBzA
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20038
last-modified: Tue, 28 May 2024 15:16:31 GMT
server: UploadServer
etag: W/"dfd37b102f7fb97336e7a0163d8d362b"
vary: Accept-Encoding
x-goog-generation: 1716909391163068
x-goog-hash: crc32c=SkPLGA==, md5=39N7EC9/uXM256AWPY02Kw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 81523
accept-ranges: none

GET
H3 200 index-285fe7d4e5fbf4e4.js Show response
www.heinz.com/_next/static/chunks/pages/ 7 KB
3 KB 337ms
334ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/index-285fe7d4e5fbf4e4.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dba8505ac6e2003eed2d9da2750facdeb953fd10151d45026b523f973d20bd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
x-guploader-uploadid: ABPtcPoWyZehc2OTp3sX36jiHagS9cqkBKZQjc5VRtRUjU4oBmyPkiz_04HECyiIODVG_Zuv2r4B3xLo8A
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 28 May 2024 15:16:34 GMT
server: UploadServer
etag: W/"9e5b7bc183a05cda9cbbf7c5e0a10371"
vary: Accept-Encoding
x-goog-generation: 1716909394358573
content-type: application/javascript
x-goog-hash: crc32c=yBGtGw==, md5=nlt7wYOgXNqcu/fF4KEDcQ==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 6832
accept-ranges: none

GET
H3 200 _buildManifest.js Show response
www.heinz.com/_next/static/5bFNP0FTB-9yqmsyjB2Gs/ 3 KB
828 B 214ms
211ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/5bFNP0FTB-9yqmsyjB2Gs/_buildManifest.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8d3fb7a0dfbcd762df64770d18554baefbf426a4c0560eca9ee81cc654fc4136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3111
x-guploader-uploadid: ABPtcPq_3xsnecRuPghUOP5EQFv1VGYh10QrL2NS0HBr0aG0_qD7lOMopXZmoqYgcAz9sGTMVb8
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
last-modified: Tue, 28 May 2024 15:16:27 GMT
server: UploadServer
etag: W/"e48788dbd6b42bdc4870c94745077a8f"
vary: Accept-Encoding
x-goog-generation: 1716909387092394
x-goog-hash: crc32c=S6vo0w==, md5=5IeI29a0K9xIcMlHRQd6jw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 2811
accept-ranges: none

GET
H3 200 _ssgManifest.js Show response
www.heinz.com/_next/static/5bFNP0FTB-9yqmsyjB2Gs/ 103 B
142 B 213ms
210ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/5bFNP0FTB-9yqmsyjB2Gs/_ssgManifest.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:03 GMT
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909297
age: 679
x-guploader-uploadid: ABPtcPoxq_ItDG6fXTGw9-krR9z4J1pMfT7pQhVyGEUmqtQRmo1BCULT98CkQ2RDIYZWSdqzJTIGFjiYfw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
last-modified: Tue, 28 May 2024 15:16:27 GMT
server: UploadServer
etag: "e0ab33f6a72b36a3070f397c017ab85e"
x-goog-generation: 1716909387175012
x-goog-hash: crc32c=3Pg/DA==, md5=4Ksz9qcrNqMHDzl8AXq4Xg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 103
accept-ranges: bytes

POST /
o4504005838045184.ingest.sentry.io/api/4505410929033216/security/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 206 en_ca_Home_Hero.mp4
cdn.allotta.io/video/upload/f_auto/q_auto/v1716829081/dxp-images/heinz/or-HeroBanner/ 3 MB
0 625ms
152ms Media
video/webm 2600:1408:c400:11::17cd:6b48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.allotta.io/video/upload/f_auto/q_auto/v1716829081/dxp-images/heinz/or-HeroBanner/en_ca_Home_Hero.mp4

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:11::17cd:6b48 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
Content-Range: bytes 0-12070422/12070423
server-timing: cld-akam;dur=9;start=2024-05-30T10:57:23.066Z;desc=hit,rtt;dur=62,content-info;desc="width=1920,height=1080,abps=200802,fps=23.976,du=60.111,vc=\"vp9\",bytes=12070423,owidth=1920,oheight=1080,oabps=1063225,ofps=23.976,odu=60.095,ovc=\"h264\",obytes=63894478,oformat=\"mp4\",ef=(18,41,101)"
Content-Length: 12070423
last-modified: Mon, 27 May 2024 17:02:14 GMT
server: Cloudinary
etag: "28bcaa20c9fba07e96708764ab5ced18"
vary: Accept,User-Agent,Save-Data
content-type: video/webm;codecs=vp9
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 98163a3e-f400-4c61-8d40-747a07bc5c49.json Show response
cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/ 6 KB
2 KB 454ms
118ms XHR
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/98163a3e-f400-4c61-8d40-747a07bc5c49.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cfef4fd98c8704761a67bfc0eb95d3adac926b5972f7bc9b6f90ad496b51b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:23 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 79237
content-md5: a3Ps3KS5nNMUQooSq0JafQ==
content-length: 1782
x-ms-lease-status: unlocked
last-modified: Wed, 28 Feb 2024 14:47:20 GMT
server: cloudflare
etag: 0x8DC386C2AFB5F76
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 98c24858-901e-0081-6a08-7cf729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33f8e962abee-YYZ

GET
H2 200 1.css
cdn.fonts.net/t/ 0
231 B 99ms
99ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/t/1.css?apiType=css&projectid=335655b0-0dd3-11ed-9831-02c6998740a0
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: A01W8WDFCB1KRJGH
age: 60800
x-amz-server-side-encryption: AES256
content-length: 0
x-amz-id-2: gAiDTJeUVvffH7piKj+OOVHQF9tdIS9czG5wjvgyMW5Xuo1JGBA8Lb6B7XATL4WnAudVCHj5/NU=
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88be33f6fd93ac4c-YYZ
expires: Thu, 30 May 2024 11:02:23 GMT

GET
H2 200 HeinzLabelW05Regular_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/HeinzLabelW05Regular/ 17 KB
18 KB 684ms
245ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/HeinzLabelW05Regular/HeinzLabelW05Regular_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796534e97cbd7552a0cca284780dbd626c4958d2dda032d0f3784138b085317c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 8Y5YC4KD2KJK700N
age: 5068
x-amz-server-side-encryption: AES256
content-length: 17816
x-amz-id-2: 6nTWkE8lkk26KtJnguecx5am1NH9OFmLKyKx/Kof8CcArfGxNj47AM4JSnOGE6vbyNVI46pgdps=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "2e08c4c8f3c62047a5caa477ffc46884"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88be33fdb9cd3870-YYZ
expires: Thu, 30 May 2024 11:02:24 GMT

GET
H2 200 IntroRegular_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 46 KB
46 KB 641ms
202ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroRegular_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9170bc6ca29054b4e7a48b59e8a0c95343163dce5e876ab3b61b1e32fe8f3b0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: Q505TT1KFKR121Y9
age: 5068
x-amz-server-side-encryption: AES256
content-length: 46708
x-amz-id-2: K1RbeFLzawTXMPIiTbN6hzVQTuu5ZjRQfHVkIe1pwwIQ3Lyi+RGMs9jDRoStuecvfuGt+bwZr6U=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "94abfdf5010dd54891c004f84b95348a"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88be33fdb9d23870-YYZ
expires: Thu, 30 May 2024 11:02:24 GMT

GET
H2 200 IntroSemiBold_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 46 KB
46 KB 692ms
253ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroSemiBold_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dcde4be61d423113da8899b1cca4fc9bbca7b339869148c65fc2bfb4799f957

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: G9XRKK3KW8AKFK1X
age: 5068
x-amz-server-side-encryption: AES256
content-length: 47032
x-amz-id-2: IL+60WYybxftfMT1p+QjBkJKnY6LzcdpGhFafzH9wGvWe1SZ3CKl4YL42wy1MKxpiSTDtS8lQTE=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "c56fe162665e4d469f7fcbd4ea33ece1"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88be33fdb9d03870-YYZ
expires: Thu, 30 May 2024 11:02:24 GMT

GET
H2 200 IntroBold_normal_normal.woff2
cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/ 47 KB
48 KB 544ms
106ms Font
font/woff2 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/Intro/IntroBold_normal_normal.woff2
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7041a6c76e46c7bed26fd75072d65d91b42a24e3041e2365b68d37eaf73f94f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/kit/335655b0-0dd3-11ed-9831-02c6998740a0/335655b0-0dd3-11ed-9831-02c6998740a0.css
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: ZPZ7BY4QSK8FXK5K
age: 5068
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8g64yxBib0xp0_uY3VcyZafB2ID66OfAUrBL9Znn5AI-1717066644-1.0.1.1-eD5FUpuutjZyVJUpmZxIPSp4TZOWIeWx_SpifvWdOH1ku8HrlTGC3_tD7G6Z57kkIs4wf6P4VtdNPcFMsrMq14XpA7l_8xc0EXzPz.gEpNI18PACZ7FmY5JRxVCauPrE92PJaG5Kk3EeYxCKiniLfw; report-to cf-csp-endpoint
content-length: 48088
x-amz-id-2: 4yHe6knH1WyeBGd3jLtgeoR8+8h8H3sM0FmC94E2zPzp7pdcTgQfZ1tBsVwvBHXAUPJh/kiSHOk=
last-modified: Mon, 09 Jan 2023 08:40:31 GMT
server: cloudflare
etag: "d5a85038527c85636c2d04d1c45251a9"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8g64yxBib0xp0_uY3VcyZafB2ID66OfAUrBL9Znn5AI-1717066644-1.0.1.1-eD5FUpuutjZyVJUpmZxIPSp4TZOWIeWx_SpifvWdOH1ku8HrlTGC3_tD7G6Z57kkIs4wf6P4VtdNPcFMsrMq14XpA7l_8xc0EXzPz.gEpNI18PACZ7FmY5JRxVCauPrE92PJaG5Kk3EeYxCKiniLfw"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88be33fdb9cf3870-YYZ
expires: Thu, 30 May 2024 11:02:24 GMT

GET
H2 200 Heinz-Newsletter-Subscription-Mobile_nj1xjt
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1125/f_auto/q_auto/v1/dxp-images/heinz/global/ 60 KB
60 KB 674ms
194ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1125/f_auto/q_auto/v1/dxp-images/heinz/global/Heinz-Newsletter-Subscription-Mobile_nj1xjt?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

38a47f112a28751121d8096c0cdf8906f8364441eaeebaa342dba502e588b158

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2024 03:42:33 GMT
server: Cloudinary
etag: "a99f01f5876d2f433c3db6e1e2a8727a"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=22;start=2024-05-30T10:57:23.788Z;desc=hit-near,rtt;dur=64,content-info;desc="width=1125,height=1125,bytes=61068,owidth=1125,oheight=1125,obytes=219625,ef=(1,11,14,17,97)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 61068

POST
H2 200 / Show response
o4504005838045184.ingest.sentry.io/api/4504021996470272/envelope/ 2 B
67 B 100ms
100ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504005838045184.ingest.sentry.io/api/4504021996470272/envelope/?sentry_key=5bd832e64a6f43019aa63691f23db074&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.112.2

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 522 KB
207 KB 553ms
135ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Origin: https://www.heinz.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 07:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211646
x-xss-protection: 0
last-modified: Mon, 20 May 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 May 2025 07:29:58 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
224 B 114ms
108ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 88be33fb0abaabee-YYZ
access-control-allow-headers: Content-Type

GET
H3 200 bcdf501dca0cceb1.css
www.heinz.com/_next/static/css/ 1 KB
409 B 76ms
75ms Stylesheet
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/css/bcdf501dca0cceb1.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/webpack-05260e0b6d6ef1b1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

f2c47aba706362c2335b086a342d09bb88ca093687993684dc0f65ed2542d2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 680
x-guploader-uploadid: ABPtcPo3P1x06-12ePQV7au4YR1O5jd3Y3LjRhNqgAZQvIBqL1qXM3VbvaoJmth-G9jK7UmlXn8wOjz2Vg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
last-modified: Tue, 28 May 2024 15:16:36 GMT
server: UploadServer
etag: W/"6a8152737598594ef33647235878c145"
vary: Accept-Encoding
x-goog-generation: 1716909396890113
x-goog-hash: crc32c=pTbshw==, md5=aoFSc3WYWU7zNkcjWHjBRQ==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 1120
accept-ranges: none

GET
H3 200 87.a84ebb2d484bf087.js Show response
www.heinz.com/_next/static/chunks/ 16 KB
5 KB 78ms
77ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/87.a84ebb2d484bf087.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/webpack-05260e0b6d6ef1b1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

b6f688f7d8ec3bcbdce5538575fa0163b7d9b89a15a011298434e1edba2e6e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 680
x-guploader-uploadid: ABPtcPp_GF347S8WbdEdd-c7-iLAFqd8ux3RRCyc1kY5L2XlDv8kFcaOfb959dgju2lQnTwhmub4Qnl5sQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5037
last-modified: Tue, 28 May 2024 15:16:30 GMT
server: UploadServer
etag: W/"db5b22a556372e122653fe538ba6dc2f"
vary: Accept-Encoding
x-goog-generation: 1716909390920872
x-goog-hash: crc32c=DU5O3Q==, md5=21sipVY3LhImU/5Ti6bcLw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 16104
accept-ranges: none

POST
H3 200 profiles Show response
experience.ninetailed.co/v2/organizations/1ddf955f-cfd8-4fed-b4aa-4569fde3ec09/environments/main/ 3 KB
2 KB 502ms
168ms Fetch
application/json 2606:4700::6812:176b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.ninetailed.co/v2/organizations/1ddf955f-cfd8-4fed-b4aa-4569fde3ec09/environments/main/profiles
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:176b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcb530ae6b796232fd4e4dcc493d1d3ae3e56658b34691e8da8bbcbcea608f7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: gzip
server: cloudflare
traceparent: 00-f70091716d91307074ebea360358c2ac-b9c37792cba80e60-00
x-ninetailed-telemetry-events-page: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-ninetailed-telemetry-events-identify: 0
x-ninetailed-telemetry-events-merge: 0
cf-ray: 88be33fda9edac8d-YYZ
alt-svc: h3=":443"; ma=86400
x-ninetailed-telemetry-events-track: 0

GET
H2

200

embed_v1.0.12.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

40 KB
14 KB

458ms
110ms

Script
application/javascript

23.46.156.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/en-CA
Protocol: H2
Server: 23.46.156.139 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 9a6b6ab
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 9V0JLxhpwMvoJafbvKO0pQ==
x-cache: TCP_MEM_HIT from a23-46-151-139.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 13263
last-modified: Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id: iad-1:fCqdon7Eal6RlFkfu077lO4qYc__y5u30k-v9uOmW7Gxh5PnoqVBnrV5sGNNToLu
x-api-id: native
etag: b2f83e35-5705-4835-962f-dbe0d55871a0
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 13fb1b8e-79ca-40e8-8dec-c5db316da63b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 29 Jun 2024 10:57:24 GMT

Redirect headers

x-akamai-request-id: 11182747.32ab1eaf
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9
date: Thu, 30 May 2024 10:57:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240530105723C8226818E375E71056E7-0FB3A461144D650F-00
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
x-cache: TCP_MISS from a23-202-158-16.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-parent-response-time: 13,23.202.158.16
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=2
content-length: 136
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
proxy-status: 0000201302026000
pragma: no-cache
server: TLB
x-tt-logid: 20240530105723C8226818E375E71056E7
x-cache-remote: TCP_MISS from a23-207-199-77.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
content-type: text/html
location: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,23.207.199.77
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae832db63646d8ae0ac959699d4def74eec52a516b8ba8a46cca7bdb6daa5283b37bcc321314b6b69df0a6e8b22a5f5bef5bd42d7f2b603f879cc51c87a75eee36c2
expires: Thu, 30 May 2024 10:57:24 GMT

GET
H3 204 me
www.heinz.com/api/auth/ 0
0 156ms
156ms Fetch
text/html 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/api/auth/me

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/en-CA
baggage: sentry-environment=prd,sentry-release=dxp-heinz-dot-com%40v1.17.1-34-g9e8976f,sentry-public_key=5bd832e64a6f43019aa63691f23db074,sentry-trace_id=36eae5a371f64f15ae4f474736c2672f,sentry-sample_rate=0.2,sentry-transaction=%2F,sentry-sampled=false
sentry-trace: 36eae5a371f64f15ae4f474736c2672f-a8c2608bd58ad4d4-0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; preload
server: Google Frontend
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
content-type: text/html
x-cloud-trace-context: 328ce13f502a16b90fae9d2f2da2af1f
x-cache-hit: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 327 KB
89 KB 630ms
159ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2PBNCL&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c172ac9fb73670801aba871626c85bea6dd149fb75c8acdc1323f66250a3e059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90486
x-xss-protection: 0
last-modified: Thu, 30 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 May 2024 10:57:24 GMT

GET
H2 200 Heinz-Newsletter-Subscription-Desktop_qlza5j
res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/global/ 49 KB
50 KB 195ms
195ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/image/upload/f_auto/q_auto/c_limit,w_1920/f_auto/q_auto/v1/dxp-images/heinz/global/Heinz-Newsletter-Subscription-Desktop_qlza5j?_a=BAVAfVIB0

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

549aee2aa3f0a2176ba56ec2a0e8e871b03bea50363392c9611ee092dae79fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2024 15:16:46 GMT
server: Cloudinary
etag: "36636505dcb4858cc20e30493badb754"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-akam;dur=18;start=2024-05-30T10:57:23.837Z;desc=hit-near,rtt;dur=49,content-info;desc="width=1920,height=1080,bytes=50536,owidth=5760,oheight=3240,obytes=1121836,ef=(1,11,14,17,97)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 50536

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/ 430 KB
105 KB 120ms
120ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:23 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5m3SVn9yaQSlRqLvlzjrBg==
age: 35637
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106956
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:11 GMT
server: cloudflare
etag: 0x8DC34A8ECCE7C0E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81539ae2-801e-001b-0b08-7c69f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33fbe88f54a3-YYZ
expires: Fri, 31 May 2024 10:57:23 GMT

GET
H3 200 277.4554a2699fd7619f.js
www.heinz.com/_next/static/chunks/ 3 KB
1 KB 113ms
113ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/277.4554a2699fd7619f.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ab49b7a85d348897b96a1fc53afb04741dd66a4df52a4ca5cb8b844f2da9d6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 680
x-guploader-uploadid: ABPtcPpse-411RuvXmuiRLM1ohZy5_tZUfSZ5n3fVkTGZJWCwCXw1OHeSThdFbwYG3S42aulNFkDj26Dnw
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
last-modified: Tue, 28 May 2024 15:16:28 GMT
server: UploadServer
etag: W/"9b8e3fe34efc30e43213bf4c59f89a97"
vary: Accept-Encoding
x-goog-generation: 1716909388187819
x-goog-hash: crc32c=4bupcQ==, md5=m44/4078MOQyE79MWfialw==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 3268
accept-ranges: none

GET
H2 200 Quiz_creative_content_feed_2_ara95f.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 20 KB
21 KB 229ms
228ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Quiz_creative_content_feed_2_ara95f.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c6b60c8cd87dc7c1e47793a6200c6abaaae64b23b92b2662e6a891fcbf6c6d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 29 May 2023 19:00:20 GMT
server: Cloudinary
etag: "e12fa5bc731b02ee0343656b6333b210"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=17;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=400,height=600,owidth=400,oheight=600,obytes=121402",cloudinary;dur=74;start=2024-05-23T07:55:04.112Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 20739

GET
H2 200 Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 56 KB
56 KB 234ms
234ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81721c05467d9c1b1907dd9c2511ff39890ef81f9f700164c37cf0e18829b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 15:38:22 GMT
server: Cloudinary
etag: "f063e01cd0f0c543a563cff61ff73149"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=23;start=2024-05-30T10:57:23.880Z;desc=hit-near,rtt;dur=32,content-info;desc="width=801,height=1202,bytes=57048,owidth=801,oheight=1202,obytes=1158903"
accept-ranges: bytes
timing-allow-origin: *
content-length: 57048

GET
H2 200 Homepage-Explore-SeafoodCocktail_tnnvks.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 48 KB
48 KB 234ms
234ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-SeafoodCocktail_tnnvks.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c01bb9479ac12b0a466eea7b1d26de284f8daad016fe26d2710c2399d620f8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:32 GMT
server: Cloudinary
etag: "b1d3fccba24c2c7f656b064d24927579"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=21;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=801,height=1202,bytes=48955,owidth=801,oheight=1202,obytes=716781",cloudinary;dur=54;start=2024-05-23T14:03:23.389Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 48955

GET
H2 200 Homepage-Explore-FallMessaging_zdf6jh.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 126 KB
126 KB 193ms
192ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-FallMessaging_zdf6jh.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

35b50e3378253b62dccb9433cafa6c29e17948c1da7dc73d9ff474c92324b0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:34 GMT
server: Cloudinary
etag: "99f686dc074ec6ce45d01400bfa3f108"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=16;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=801,height=1202,bytes=128682,owidth=801,oheight=1202,obytes=1475724",cloudinary;dur=92;start=2024-05-29T10:21:55.162Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 128682

GET
H3 200 %5B...slug%5D-58049e7567cd1c09.js
www.heinz.com/_next/static/chunks/pages/ 0
2 KB 75ms
74ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/%5B...slug%5D-58049e7567cd1c09.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3112
x-guploader-uploadid: ABPtcPo_P_jKwI7GOZ3QJPy9XxbOYo-vc_vhkbz8SWzhIMhMEoru1yux2rMSkF1Lq6uIOO4CV901cv3nCQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
last-modified: Tue, 28 May 2024 15:16:32 GMT
server: UploadServer
etag: W/"475c988e78073941de4b68f4291f0feb"
vary: Accept-Encoding
x-goog-generation: 1716909392691387
x-goog-hash: crc32c=QukAKw==, md5=R1yYjngHOUHeS2j0KR8P6w==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5583
accept-ranges: none

GET
H3 200 %5B...recipe-entryTitle%5D-a21558ce670a96d7.js
www.heinz.com/_next/static/chunks/pages/recipes/ 0
1 KB 121ms
121ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/recipes/%5B...recipe-entryTitle%5D-a21558ce670a96d7.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
x-guploader-uploadid: ABPtcPoRFCC5oPewkDJEvy27fv1NIOtx5_mV-n2IHRK9922liCFZVSZyGYe2TS9hk22XRk7gCDMemq3g1g
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 28 May 2024 15:16:34 GMT
server: UploadServer
etag: W/"27e049bbb4d19cb40b8b726157c015e9"
vary: Accept-Encoding
x-goog-generation: 1716909394890489
content-type: application/javascript
x-goog-hash: crc32c=5wmjHA==, md5=J+BJu7TRnLQLi3JhV8AV6Q==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 2688
accept-ranges: none

GET
H3 200 %5B...gtin-productName%5D-a2019e38e2479e09.js
www.heinz.com/_next/static/chunks/pages/products/ 0
1 KB 75ms
74ms Other
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/_next/static/chunks/pages/products/%5B...gtin-productName%5D-a2019e38e2479e09.js

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 643
x-guploader-uploadid: ABPtcPqhh8vXOk7LN9J1pOpl-8zjd0UVtiaRiYXqcl_aiqFbG9zdoedznVzzQ4uO5M04EYwzFjg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
last-modified: Tue, 28 May 2024 15:16:34 GMT
server: UploadServer
etag: W/"597f95ea7cb851a71c7357ad0560cb56"
vary: Accept-Encoding
x-goog-generation: 1716909394661835
x-goog-hash: crc32c=MLoGjQ==, md5=WX+V6ny4Uaccc1etBWDLVg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 3394
accept-ranges: none

GET
H3 200 %5B...slug%5D-58049e7567cd1c09.js Show response
www.heinz.com/_next/static/chunks/pages/ 5 KB
0 44ms
43ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/%5B...slug%5D-58049e7567cd1c09.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9894f03209a65182148eee6bbef16281120de7fdffb79ebe58c7dc95a159143b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:05:31 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3112
x-guploader-uploadid: ABPtcPo_P_jKwI7GOZ3QJPy9XxbOYo-vc_vhkbz8SWzhIMhMEoru1yux2rMSkF1Lq6uIOO4CV901cv3nCQ
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
last-modified: Tue, 28 May 2024 15:16:32 GMT
server: UploadServer
etag: W/"475c988e78073941de4b68f4291f0feb"
vary: Accept-Encoding
x-goog-generation: 1716909392691387
x-goog-hash: crc32c=QukAKw==, md5=R1yYjngHOUHeS2j0KR8P6w==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5583
accept-ranges: none

GET
H3 200 ad63afbf7fb7c47b.css Show response
www.heinz.com/_next/static/css/ 5 KB
0 0ms
0ms Fetch
text/css 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/css/ad63afbf7fb7c47b.css
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.heinz.com/en-CA
baggage: sentry-environment=prd,sentry-release=dxp-heinz-dot-com%40v1.17.1-34-g9e8976f,sentry-public_key=5bd832e64a6f43019aa63691f23db074,sentry-trace_id=36eae5a371f64f15ae4f474736c2672f,sentry-sample_rate=0.2,sentry-transaction=%2F,sentry-sampled=false
sentry-trace: 36eae5a371f64f15ae4f474736c2672f-bbe1348a086475cf-0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:03:56 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 3206
x-guploader-uploadid: ABPtcPo9WaqcJBU20X49q_O1vQp1FWXITKX4NLTRT8cqR-rc-1iTjvgsLBgGAXVg3hVgII6oGiugT-0sIg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1330
last-modified: Tue, 28 May 2024 15:16:36 GMT
server: UploadServer
etag: W/"66a6d3a3e2fc1e39b3b26658d7aa94e5"
vary: Accept-Encoding
x-goog-generation: 1716909396712024
x-goog-hash: crc32c=Bt2r2w==, md5=ZqbTo+L8HjmzsmZY16qU5Q==
content-type: text/css
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 5629
accept-ranges: none

GET
H3 200 %5B...gtin-productName%5D-a2019e38e2479e09.js Show response
www.heinz.com/_next/static/chunks/pages/products/ 3 KB
0 0ms
0ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/products/%5B...gtin-productName%5D-a2019e38e2479e09.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0540b2466623c2e0ab1878a78f7e86c42078988fa9f67dccbee85d32bddda675

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:46:40 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1716909242
age: 643
x-guploader-uploadid: ABPtcPqhh8vXOk7LN9J1pOpl-8zjd0UVtiaRiYXqcl_aiqFbG9zdoedznVzzQ4uO5M04EYwzFjg
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
last-modified: Tue, 28 May 2024 15:16:34 GMT
server: UploadServer
etag: W/"597f95ea7cb851a71c7357ad0560cb56"
vary: Accept-Encoding
x-goog-generation: 1716909394661835
x-goog-hash: crc32c=MLoGjQ==, md5=WX+V6ny4Uaccc1etBWDLVg==
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 3394
accept-ranges: none

GET
H3 200 %5B...recipe-entryTitle%5D-a21558ce670a96d7.js Show response
www.heinz.com/_next/static/chunks/pages/recipes/ 3 KB
0 0ms
0ms Script
application/javascript 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heinz.com/_next/static/chunks/pages/recipes/%5B...recipe-entryTitle%5D-a21558ce670a96d7.js
Requested by: Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/main-d7646808c5d1b152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.11.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d4ecebf86f4da9443277da5e543d73cdcd7a466618f47ff5a7f4fbffa1d2a46c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1716909242
x-guploader-uploadid: ABPtcPoRFCC5oPewkDJEvy27fv1NIOtx5_mV-n2IHRK9922liCFZVSZyGYe2TS9hk22XRk7gCDMemq3g1g
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 28 May 2024 15:16:34 GMT
server: UploadServer
etag: W/"27e049bbb4d19cb40b8b726157c015e9"
vary: Accept-Encoding
x-goog-generation: 1716909394890489
content-type: application/javascript
x-goog-hash: crc32c=5wmjHA==, md5=J+BJu7TRnLQLi3JhV8AV6Q==
cache-control: public,max-age=3600
x-cache-hit: miss
x-goog-stored-content-length: 2688
accept-ranges: none

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/018dd096-c9d6-7987-9180-74babb590fe2/ 61 KB
17 KB 115ms
114ms Fetch
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/98163a3e-f400-4c61-8d40-747a07bc5c49/018dd096-c9d6-7987-9180-74babb590fe2/en.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b57e6f2abb1bcc7f89f46ca16b4a9f51719fe4de0f3e9c9e3966fd3834db471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 75496
content-md5: fqXslQV2D8Hm7Qs/42ZTcA==
content-length: 16740
x-ms-lease-status: unlocked
last-modified: Wed, 28 Feb 2024 14:47:33 GMT
server: cloudflare
etag: 0x8DC386C3271E624
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6128fcd9-b01e-0059-7dd4-7a211d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33fd5c2aabee-YYZ

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 10 KB
3 KB 106ms
106ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Kj9eZyK9jbYaOE1O5PHVDA==
age: 81226
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:02 GMT
server: cloudflare
etag: 0x8DC34A8E789BE50
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9a1807ea-301e-000c-2cd4-7aca6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33fe3c9aabee-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 otPcTab.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/v2/ 63 KB
13 KB 126ms
126ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/v2/otPcTab.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: cum224+VZtN2fQod9AfC0A==
age: 61922
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13599
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:03 GMT
server: cloudflare
etag: 0x8DC34A8E826665C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a23f333d-c01e-0019-1dd4-7a08f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33fe5cb9abee-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 5 KB
2 KB 123ms
123ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otCookieSettingsButton.json

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: P+JM5OTYESbConLeIFfe7w==
age: 79121
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:02 GMT
server: cloudflare
etag: 0x8DC34A8E7A3FAE6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 963bc243-b01e-0070-62d4-7a575f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33fe5cbbabee-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/ 21 KB
4 KB 136ms
135ms Fetch
text/css 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202402.1.0/assets/otCommonStyles.css

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 60782
x-ms-lease-status: unlocked
last-modified: Fri, 23 Feb 2024 19:52:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4d666820-d01e-0060-1ad4-7a61b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88be33fe5cbcabee-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 Quiz_creative_content_feed_2_ara95f.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 20 KB
0 1ms
1ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Quiz_creative_content_feed_2_ara95f.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c6b60c8cd87dc7c1e47793a6200c6abaaae64b23b92b2662e6a891fcbf6c6d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 May 2023 19:00:20 GMT
server: Cloudinary
etag: "e12fa5bc731b02ee0343656b6333b210"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=17;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=400,height=600,owidth=400,oheight=600,obytes=121402",cloudinary;dur=74;start=2024-05-23T07:55:04.112Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 20739

GET
H2 200 Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 56 KB
0 1ms
1ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-GarlicLemonShrimpKabas_wdfwzb.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81721c05467d9c1b1907dd9c2511ff39890ef81f9f700164c37cf0e18829b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 15:38:22 GMT
server: Cloudinary
etag: "f063e01cd0f0c543a563cff61ff73149"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=23;start=2024-05-30T10:57:23.880Z;desc=hit-near,rtt;dur=32,content-info;desc="width=801,height=1202,bytes=57048,owidth=801,oheight=1202,obytes=1158903"
accept-ranges: bytes
timing-allow-origin: *
content-length: 57048

GET
H2 200 Homepage-Explore-SeafoodCocktail_tnnvks.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 48 KB
0 1ms
1ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-SeafoodCocktail_tnnvks.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c01bb9479ac12b0a466eea7b1d26de284f8daad016fe26d2710c2399d620f8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:32 GMT
server: Cloudinary
etag: "b1d3fccba24c2c7f656b064d24927579"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=21;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=801,height=1202,bytes=48955,owidth=801,oheight=1202,obytes=716781",cloudinary;dur=54;start=2024-05-23T14:03:23.389Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 48955

GET
H2 200 Homepage-Explore-FallMessaging_zdf6jh.png
res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/ 126 KB
0 1ms
1ms Image
image/avif 2600:1408:c400:397::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/kraft-heinz-whats-cooking-ca/f_auto,c_limit,w_1920,q_auto/f_auto/q_auto/dxp-images/heinz/or-creative-content-feed/Homepage-Explore-FallMessaging_zdf6jh.png

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:397::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

35b50e3378253b62dccb9433cafa6c29e17948c1da7dc73d9ff474c92324b0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 19:16:34 GMT
server: Cloudinary
etag: "99f686dc074ec6ce45d01400bfa3f108"
vary: Accept,User-Agent,Save-Data
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=31536000
server-timing: cld-akam;dur=16;start=2024-05-30T10:57:23.876Z;desc=miss,rtt;dur=33,content-info;desc="width=801,height=1202,bytes=128682,owidth=801,oheight=1202,obytes=1475724",cloudinary;dur=92;start=2024-05-29T10:21:55.162Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 128682

GET
H2 200 ot_close.svg
cdn-ukwest.onetrust.com/logos/static/ 651 B
646 B 121ms
121ms Image
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_close.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 5508
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 82ea6aef-a01e-0041-18d5-a60f17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88be33ff39b954a3-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn-ukwest.onetrust.com/logos/static/ 497 B
527 B 107ms
105ms Fetch
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/_next/static/chunks/pages/_app-578592dbd1d973c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 61922
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c180ffff-501e-0037-53ae-a6855f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88be33ff4d41abee-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 HEINZ-logo-sm.jpg
cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/8c55b7ef-6427-44eb-8512-dae98febb175/ 8 KB
8 KB 110ms
109ms Image
image/jpeg 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/8c55b7ef-6427-44eb-8512-dae98febb175/HEINZ-logo-sm.jpg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030d7d2d5ab4a1b6416ea9e05f4dbc1f5d66f54f4efc6933d8d03314c67fd0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: ox+X4Ge+x6xbAv9W3aoWcg==
age: 79211
content-length: 7720
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 29 Dec 2022 15:08:17 GMT
server: cloudflare
etag: 0x8DAE9AE8416A242
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4d7f0169-f01e-0063-040b-7cca08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33ff69c754a3-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 Heinz_(1).jpg
cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/4085dc96-c667-433b-933c-b2f9e35190ae/ 70 KB
70 KB 115ms
114ms Image
image/jpeg 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a78fbccf-09e8-4fde-ad47-919d8ad6536f/98163a3e-f400-4c61-8d40-747a07bc5c49/4085dc96-c667-433b-933c-b2f9e35190ae/Heinz_(1).jpg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f220e6d07552063eb88b0b4e0400f299a98610c004973ef1685ff315e8e2153d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: g+oweTDerowv7YbML7vaWA==
age: 60782
content-length: 71627
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 10 Jan 2023 16:20:10 GMT
server: cloudflare
etag: 0x8DAF3268BD8EBBE
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: bc7deb50-101e-005f-33d4-7ad665000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88be33ff69c854a3-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 136ms
135ms Image
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Requested by

Host: www.heinz.com
URL: https://www.heinz.com/en-CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 May 2024 10:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 72955
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 19:29:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c234b3cb-f01e-0063-5ed5-a6ca08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88be33ff69c954a3-YYZ
expires: Fri, 31 May 2024 10:57:24 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 6F6C 0
0 557ms
147ms Document
text/html 2607:f8b0:4004:c1b::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&co=aHR0cHM6Ly93d3cuaGVpbnouY29tOjQ0Mw..&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=bnivfmti0wol

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6W8I3_0CNSOHWxKvN8ZegA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6W8I3_0CNSOHWxKvN8ZegA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 May 2024 10:57:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 embed_lib_v1.0.12.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 4 KB
2 KB 93ms
92ms Stylesheet
text/css 23.46.156.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.156.139 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 9a6b78e
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: Ii2KDY04c+qhyedihYMYdg==
x-cache: TCP_MEM_HIT from a23-46-151-139.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1323
last-modified: Mon, 22 Jan 2024 19:32:26 GMT
opc-request-id: iad-1:F-GmYTpkYt4vDKCxQ32P6nxr9VDw3mn9AP2-fBr-X2mRyQIYr7QV2qcFWqYCRzTY
x-api-id: native
etag: 39224e5f-f8d6-4c55-ae56-505ef909cad1
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: text/css
version-id: 13b130cc-bbd0-4b27-8c6e-b602952002cb
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 29 Jun 2024 10:57:24 GMT

GET
H2 200 embed_lib_v1.0.12.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 14 KB
6 KB 94ms
93ms Script
application/javascript 23.46.156.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.156.139 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 9a6b78f
date: Thu, 30 May 2024 10:57:24 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: VdrKLRPQL3RIZZVN/2qAoQ==
x-cache: TCP_MEM_HIT from a23-46-151-139.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 5716
last-modified: Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id: iad-1:yvN4bg8V8-n5uytG9lmowXEj__qYpCIackWLttBw9Erfjec96OfeMYVrdXo-gqes
x-api-id: native
etag: 68841bda-6450-4a08-b6f6-faff4077f49a
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: b9e60eac-0991-435a-9f2a-a3f1f27e2397
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 29 Jun 2024 10:57:24 GMT

GET
H2 200 7064265650105224454
www.tiktok.com/embed/v2/ Frame 93A3 0
0 698ms
380ms Document
text/html 173.223.163.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7064265650105224454?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.209 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-209.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; report-to csp-endpoint

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-length: 18589
content-security-policy: upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; report-to csp-endpoint
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:25 GMT
expires: Thu, 30 May 2024 10:57:25 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=162 cdn-cache; desc=MISS, edge; dur=20, origin; dur=232
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 494b53fc
x-cache: TCP_MISS from a23-202-158-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 233,23.202.158.17
x-pumbaa-web-avail: 1
x-tt-logid: 20240530105724DAD0820D9560601017C8
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae83e4e1804df3a1bcdf5c9d69ad0b461f8292ed8dbcb45ebe255af883a8e19b615f1b62cf5771439558132afb4860b91b9046b9829c1e82a192a3b32fba547a95c5f0060a0e326900f9b099c1069c3409e7
x-tt-trace-id: 00-240530105724DAD0820D9560601017C8-2DD81FB1457424FA-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7138492977277717765
www.tiktok.com/embed/v2/ Frame A164 0
0 601ms
289ms Document
text/html 173.223.163.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7138492977277717765?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.209 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-209.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-length: 18281
content-security-policy: upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:25 GMT
expires: Thu, 30 May 2024 10:57:25 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=153 cdn-cache; desc=MISS, edge; dur=0, origin; dur=166
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 494b53fe
x-cache: TCP_MISS from a23-202-158-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 166,23.202.158.17
x-pumbaa-web-avail: 1
x-tt-logid: 20240530105724A115E9997369201014E9
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae83e4e1804df3a1bcdf5c9d69ad0b461f82e199cd6c57fd5c1460f7682229946d27189f2f71845d096649ca5d20260e617bc92b955da09df671378758020794374900b77e3edb62189802dac086bda6efc6
x-tt-trace-id: 00-240530105724A115E9997369201014E9-7FE0505B6FE7B31B-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7121772773936008453
www.tiktok.com/embed/v2/ Frame 13E0 0
0 653ms
345ms Document
text/html 173.223.163.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7121772773936008453?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.209 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-209.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:25 GMT
expires: Thu, 30 May 2024 10:57:25 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=168 cdn-cache; desc=MISS, edge; dur=7, origin; dur=224
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 494b53ff
x-cache: TCP_MISS from a23-202-158-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 224,23.202.158.17
x-pumbaa-web-avail: 1
x-tt-logid: 20240530105724070CB0A7853DA70FE1A1
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae83e4e1804df3a1bcdf5c9d69ad0b461f826985fa19bdc69499c1ce424de1cb5265d6dbc1592f10ecd1d55a71f1efb565afd4a68f1fe2be090e5607f76257cfe894cef3adcd88e0f9673c4b2d9126c7578e
x-tt-trace-id: 00-240530105724070CB0A7853DA70FE1A1-37071D383D8034B7-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7116930278274223365
www.tiktok.com/embed/v2/ Frame D56B 0
0 316ms
316ms Document
text/html 173.223.163.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7116930278274223365?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.209 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-209.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-length: 18534
content-security-policy: upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:28 GMT
expires: Thu, 30 May 2024 10:57:28 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=155 cdn-cache; desc=MISS, edge; dur=4, origin; dur=170
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 494c0e01
x-cache: TCP_MISS from a23-202-158-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 170,23.202.158.17
x-pumbaa-web-avail: 1
x-tt-logid: 20240530105727070CB0A7853DA70FE293
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae83e4e1804df3a1bcdf5c9d69ad0b461f826985fa19bdc69499c1ce424de1cb5265d6dbc1592f10ecd1d55a71f1efb565afb60411566536a39851127b4a26334fa281549df30c8df254d88a7b7a3c85105e
x-tt-trace-id: 00-240530105727070CB0A7853DA70FE293-37071D383D803A87-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 7029744641691962630
www.tiktok.com/embed/v2/ Frame D7FC 0
0 340ms
340ms Document
text/html 173.223.163.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiktok.com/embed/v2/7029744641691962630?lang=en-CA&referrer=https%3A%2F%2Fwww.heinz.com%2Fen-CA

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.163.209 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a173-223-163-209.deploy.static.akamaitechnologies.com

Software

TLB /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.heinz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-length: 18481
content-security-policy: upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9; report-to csp-endpoint
content-security-policy-report-only: report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=0ee95563-3e34-48eb-b4ed-de63c5f024b9;report-to csp-endpoint;default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: https: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.yahoo.co.jp facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.co;script-src 'unsafe-eval' s20.tiktokcdn.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/sw.js
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 10:57:28 GMT
expires: Thu, 30 May 2024 10:57:28 GMT
pragma: no-cache
reporting-endpoints: csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server: TLB
server-timing: inner; dur=183 cdn-cache; desc=MISS, edge; dur=1, origin; dur=192
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-akamai-request-id: 494c0f9d
x-cache: TCP_MISS from a23-202-158-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
x-origin-response-time: 192,23.202.158.17
x-pumbaa-web-avail: 1
x-tt-logid: 20240530105727DAD0820D956060101904
x-tt-trace-host: 01426287e4445b5ff20f4095011fe5ae83e4e1804df3a1bcdf5c9d69ad0b461f8292ed8dbcb45ebe255af883a8e19b615f1b62cf5771439558132afb4860b91b90a2df4223caa9a93b84c66f9207093f782f1004ef35dfcb323b5db49832c7aa9a
x-tt-trace-id: 00-240530105727DAD0820D956060101904-2DD81FB145742A0F-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 favicon.ico
www.heinz.com/ 1011 B
1 KB 111ms
110ms Other
image/x-icon 34.111.11.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heinz.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.11.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

8.11.111.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

f99161f05b734a7387d989a45b84ae3378bac46a6d3e023565462d2cc08e6d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heinz.com/en-CA
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:57:29 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; preload
age: 0
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.lytics.io *.customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com *.hotjar.com *.privacymanager.io *.onetrust.com polyfill.io *.bytedapm.com *.ttwstatic.com www.tiktok.com *.tiktokcdn-us.com *.pricespider.com *.swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net; report-uri https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
last-modified: Tue, 28 May 2024 15:10:09 GMT
server: Google Frontend
etag: W/"3f3-18fbfc06868"
vary: Accept-Encoding
content-type: image/x-icon
x-cloud-trace-context: 22f69c98e35ca134d5ae5d2a140a8983
cache-control: public,max-age=0
x-cache-hit: revalidated
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: o4504005838045184.ingest.sentry.io
URL: https://o4504005838045184.ingest.sentry.io/api/4505410929033216/security/?sentry_key=14a5b105c2c7443983e52fe24209ded4

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:16:58	Name: _GRECAPTCHA Value: 09AGwox9ucG3FFWAnaS94pb_s1EzvUlzZPcZDNA13AIFffJ2eUXo-gMINnF2qN-SJrrQulDpWtg8uofDHt0uEilr4
www.heinz.com/	1970-01-20 20:57:46	Name: kh-homepage-redirect Value: en-US
www.heinz.com/	1970-01-21 05:43:22	Name: kh-preferred-locale Value: en-CA
.fonts.net/	1970-01-20 20:57:48	Name: __cf_bm Value: IGA0E9lY0uPSgf6ZQ4AJWNbculpC3RDXyAZi.BzyNhE-1717066642-1.0.1.1-4s_XBHr6cCEZ4CaqaOBOOILfS0eiVKH6ZD7L8Wcu62BOHFItu13zRpmU.C_e7yaw.KdAbo0OdM.gIbooO31EtA
.heinz.com/	1970-01-21 05:43:22	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+May+30+2024+03%3A57%3A24+GMT-0700+(Pacific+Daylight+Saving+Time)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=dbfa0976-6f6c-4125-9822-dc41ab24394a&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.heinz.com%2Fen-CA&groups=C0003%3A0%2CC0001%3A1%2CC0004%3A0%2CC0002%3A0
.tiktok.com/	1970-01-21 05:36:10	Name: ttwid Value: 1%7CAQRm_RKX6wzxu3R5_Bxcx1jWyC-Huqprg1iHxeT8nos%7C1717066645%7Cc66f9e4983ff8fd9ca08758e0363f5345ea0a3ceeba0baf8e4cc000292dc5edc
www.heinz.com/	1970-01-20 20:57:48	Name: recaptcha-ca-t Value: AaGzOmfYlQ8BNMC4FDpOCpqlwITp_WlF73iriAR1V-UfjbJQYrJVZbQkW7G4ZICsXUKp16vF30JYxeWYlNzRWflwbnhZMt3hImPZnPo_dNrqMvv2REHHF8mJXIG0d4QFhi1OnO6clIvdCSTN6fREl_UvMnPXKQ:U=3028de02a0000000
.tiktok.com/	1970-01-20 21:12:10	Name: msToken Value: 0X-GggI8mnYHAIU2Dh6xsZ1sPn7JE-ImFor3iiuynVK9Eng3YdVpgM1a5u7D93AQQMAW8Ze5kdR8GL2GicvuE8rWKd4nIHelsxreUdmi3q0=

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.heinz.com/en-CA Message: [Report Only] Refused to load the script 'https://www.google.com/recaptcha/enterprise.js?render=6LcXRoUpAAAAADJ6CJ5FqaTT4WpekunUmpOZHl7B&waf=session' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net .lytics.io .customer.io www.googletagmanager.com www.googleoptimize.com maps.googleapis.com www.gstatic.com .hotjar.com .privacymanager.io .onetrust.com polyfill.io .bytedapm.com .ttwstatic.com www.tiktok.com .tiktokcdn-us.com .pricespider.com .swaven.com *.static-swaven.com edge.marker.io login.dotomi.com sc-static.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heinz.com/en-CA Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ukwest.onetrust.com
cdn.allotta.io
cdn.fonts.net
experience.ninetailed.co
geolocation.onetrust.com
khparis2024.ca
o4504005838045184.ingest.sentry.io
res.cloudinary.com
sf16-website-login.neutral.ttwstatic.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.heinz.com
www.tiktok.com
o4504005838045184.ingest.sentry.io
173.223.163.208
173.223.163.209
23.46.156.139
2600:1408:c400:11::17cd:6b48
2600:1408:c400:397::523
2606:4700:4400::ac40:9b77
2606:4700::6810:291c
2606:4700::6812:176b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::67
2607:f8b0:4004:c1b::93
34.111.11.8
34.120.195.249
34.49.92.71
030d7d2d5ab4a1b6416ea9e05f4dbc1f5d66f54f4efc6933d8d03314c67fd0a0
0540b2466623c2e0ab1878a78f7e86c42078988fa9f67dccbee85d32bddda675
1099dde4f8838836df082f84facf14f6a62141f53e6a9330bb082f56557b23ef
21a47f7ae5f68d098c81dca6a9baeeb5e151138ec465aa06c77bca88a82b744d
2667e888219b42f87e7546d948de2f36c942fbedd4ca96ae5c52ddd51565d50d
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
35b50e3378253b62dccb9433cafa6c29e17948c1da7dc73d9ff474c92324b0d5
360eea4340d428a085d4e3f949f2e40f1e613390d0568381c9f3e52453fff9bd
3809348bbdc8bd6743df7d45b3b05f219c4c7f72e393c260f1d585f3eedcf11e
38a47f112a28751121d8096c0cdf8906f8364441eaeebaa342dba502e588b158
3f3b31bb570f3e8215db239ef724f145f44a916978e8d33cf5bc9f8059191fe3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4be864707ecb79ec664eec518a6655d5f9f5d9358f61e471fe4253d5eee525e7
4fcb530ae6b796232fd4e4dcc493d1d3ae3e56658b34691e8da8bbcbcea608f7
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
549aee2aa3f0a2176ba56ec2a0e8e871b03bea50363392c9611ee092dae79fd8
5535c82f713014869baf5ff7fa211de341f2eae294fc05e6c6ac9786d22c6c94
55b6e0d71d1f5e64bc75ff097dcffd25cb0b920162213e6c9c8f3aa826885bf1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6dcde4be61d423113da8899b1cca4fc9bbca7b339869148c65fc2bfb4799f957
6f8fb4887cd20e2e49296175a35184411ef8e70270be255942d2742aaba4c6ea
7041a6c76e46c7bed26fd75072d65d91b42a24e3041e2365b68d37eaf73f94f6
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
796534e97cbd7552a0cca284780dbd626c4958d2dda032d0f3784138b085317c
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9
8b57e6f2abb1bcc7f89f46ca16b4a9f51719fe4de0f3e9c9e3966fd3834db471
8bead6cb10b571515221113acc548604150facfb54cefcf9d78fe00132fbff43
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f
8d3fb7a0dfbcd762df64770d18554baefbf426a4c0560eca9ee81cc654fc4136
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9170bc6ca29054b4e7a48b59e8a0c95343163dce5e876ab3b61b1e32fe8f3b0b
9894f03209a65182148eee6bbef16281120de7fdffb79ebe58c7dc95a159143b
9cfef4fd98c8704761a67bfc0eb95d3adac926b5972f7bc9b6f90ad496b51b4a
a14daf0e8fc4d267857209122973a1315ef55e5a63b7c37f4de4bc13440d94ff
a81721c05467d9c1b1907dd9c2511ff39890ef81f9f700164c37cf0e18829b66
ab49b7a85d348897b96a1fc53afb04741dd66a4df52a4ca5cb8b844f2da9d6ee
ad87fd1f7567f139c188532b5b1f939098c9eaa17c1dcdee51688d515f4d41bb
b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929
b6f688f7d8ec3bcbdce5538575fa0163b7d9b89a15a011298434e1edba2e6e7a
c01bb9479ac12b0a466eea7b1d26de284f8daad016fe26d2710c2399d620f8be
c172ac9fb73670801aba871626c85bea6dd149fb75c8acdc1323f66250a3e059
c6b60c8cd87dc7c1e47793a6200c6abaaae64b23b92b2662e6a891fcbf6c6d44
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4ecebf86f4da9443277da5e543d73cdcd7a466618f47ff5a7f4fbffa1d2a46c
dba8505ac6e2003eed2d9da2750facdeb953fd10151d45026b523f973d20bd91
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f220e6d07552063eb88b0b4e0400f299a98610c004973ef1685ff315e8e2153d
f2c47aba706362c2335b086a342d09bb88ca093687993684dc0f65ed2542d2d0
f99161f05b734a7387d989a45b84ae3378bac46a6d3e023565462d2cc08e6d90

www.heinz.com Open in urlscan Pro 34.111.11.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

60 %IPv6

13 Domains

14 Subdomains

14 IPs

1 Countries

2647 kBTransfer

12579 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heinz.com Open in urlscan Pro
34.111.11.8 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

60 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

2647 kB
Transfer

12579 kB
Size

8
Cookies

72 HTTP transactions
1 data transactions