heartline.com Open in urlscan Pro
2606:4700::6812:7f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heartline.com/
Effective URL:
https://heartline.com/
Submission: On May 10 via api (May 10th 2024, 11:22:02 pm UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6812:7f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is heartline.com. The Cisco Umbrella rank of the primary domain is 590616.
TLS certificate: Issued by E1 on May 1st 2024. Valid for: 3 months.

This is the only time heartline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700::68... 2606:4700::6812:7f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:710... 2a02:26f0:7100:3b8::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2600:9000:225... 2600:9000:225b:a00:9:7562:8c80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
31	9

6 2606:4700::6812:7f7 (United States)

ASN13335 (CLOUDFLARENET, US)

heartline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:3b8::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

itunes.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:225b:a00:9:7562:8c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.prod.heartline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	heartline.com heartline.com — Cisco Umbrella Rank: 590616 assets.prod.heartline.com	3 MB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 101	605 B
2	gstatic.com fonts.gstatic.com	40 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	apple.com itunes.apple.com — Cisco Umbrella Rank: 50	3 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
31	8

	Domain	Requested by
14	assets.prod.heartline.com	heartline.com
6	heartline.com	heartline.com
2	www.facebook.com	1 redirects heartline.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	heartline.com connect.facebook.net
2	www.google-analytics.com	heartline.com www.google-analytics.com
2	fonts.googleapis.com	heartline.com
1	itunes.apple.com	heartline.com
0	static.cloudflareinsights.com Failed	heartline.com
31	9

This site contains links to these domains. Also see Links.

Domain
clinicaltrials.gov
apps.apple.com

Subject Issuer	Validity	Valid
heartline.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-18` - `2024-05-18`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2024-01-23` - `2024-07-21`	6 months	crt.sh
assets.prod.heartline.com Amazon RSA 2048 M02	`2023-06-16` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://heartline.com/
Frame ID: 288B8BB0549B6A3D4D1E4F15E102E494
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the Heartline Study

Page URL History Show full URLs

http://heartline.com/ HTTP 307
https://heartline.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

94 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2942 kB
Transfer

3812 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://clinicaltrials.gov/ct2/show/NCT04276441
Title: ClinicalTrials.gov

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id1496449684?ct=&mt=8&pt=120985198
Title: See all the reviews on the App Store ›

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heartline.com/ HTTP 307
https://heartline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.facebook.com/tr/?id=426834258593087&ev=PageView&dl=https%3A%2F%2Fheartline.com%2F&rl=&if=false&ts=1715383317195&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715383317194.538195009&ler=empty&cdl=API_unavailable&it=1715383316939&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?cdl=API_unavailable&coo=false&dl=https%3A%2F%2Fheartline.com%2F&ec=0&ev=PageView&fbp=fb.1.1715383317194.538195009&id=426834258593087&if=false&it=1715383316939&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1715383317195&v=2.9.156

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heartline.com/
Redirect Chain

http://heartline.com/
https://heartline.com/

3 KB
3 KB

193ms
81ms

Document
text/html

2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851aa291f30fd14a1e0a8dda83c37a0017ed6bb36909aed74fcdc9f32119389f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 75653
cf-cache-status: DYNAMIC
cf-ray: 881dab1f9e7c4d7c-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
content-type: text/html
date: Fri, 10 May 2024 23:21:56 GMT
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
x-amz-cf-id: MdinT210ciOWIVvaEWyB123ZzBVtHhaeooJhchpijRam1h3GyrYXuQ==
x-amz-cf-pop: FRA60-P5
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Location: https://heartline.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 6 KB
723 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,500,600&display=swap

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a61690ddbf7df6bc971a0b18aae0b71ccd8132cd77bd3b49d137640966d92f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 May 2024 23:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 May 2024 23:21:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 May 2024 23:21:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&display=swap

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb865dedc15cc92ed104c5b2169bdaadd23c5473b885d2b087f8ee85613437f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 May 2024 23:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 May 2024 23:21:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 May 2024 23:21:56 GMT

GET
H2 200 main.bb18a926.js Show response
heartline.com/static/js/ 904 KB
269 KB 95ms
95ms Script
application/javascript 2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/static/js/main.bb18a926.js

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a903896c990a4f381f53565ffcb4d9bcc5825ec2f605852c1f35d49d601271

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heartline.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
date: Fri, 10 May 2024 23:21:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
via: 1.1 8313bbb5b34d1ea0742b64ffbb83b692.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUB56-P1
content-encoding: gzip
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
server: cloudflare
etag: W/"9b26655663a7591085939b021176ab94"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 881dab202eb84d7c-FRA
x-amz-cf-id: xTlb8yVX8a9Rh032dR_osiSrx189LeORfsE1bWjU9q_bpc5KVWdrRw==
expires: Sat, 11 May 2024 03:21:56 GMT

GET
H2 200 main.f866af6e.css
heartline.com/static/css/ 4 KB
1 KB 95ms
94ms Stylesheet
text/css 2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/static/css/main.f866af6e.css

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5ff0930e51b043aac4b5a933736f702e690f1120e57cfbbb0fa0f9d8b160e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heartline.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
date: Fri, 10 May 2024 23:21:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P5
content-encoding: gzip
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
server: cloudflare
etag: W/"dc7813974c2303b033b28727d9365617"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 881dab201eb44d7c-FRA
x-amz-cf-id: n7EUbXZKUgsOP5KDAMQsBtolbRO7wa2kb6b2vBp098ix7zTMCHN1vQ==
expires: Sat, 11 May 2024 03:21:56 GMT

GET vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heartline.com
URL: https://heartline.com/static/js/main.bb18a926.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 May 2024 22:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4447
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 11 May 2024 00:07:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 116ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heartline.com
URL: https://heartline.com/static/js/main.bb18a926.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 May 2024 23:21:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1294, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: x3rt4zYB7dl9Ak9xZ3pMQs5CRDxgP7b8+gN4rUa0eiOLx5y91xRNud6XyMsWrTPBYNlFuxaUyZmIb2vm0aUwrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lookup Show response
itunes.apple.com/ 6 KB
3 KB 212ms
69ms Script
text/javascript 2a02:26f0:7100:3b8::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://itunes.apple.com/lookup?id=1496449684&callback=__jp0

Requested by

Host: heartline.com
URL: https://heartline.com/static/js/main.bb18a926.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:3b8::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

59f8929b5c76afeed3a46e79aa7e16b1f96b2ce1c71c5113317adeabae819a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-apple-application-site: ST11
x-apple-jingle-correlation-key: D7JW4PKOFPZBQ6FZ3SCDKPHPZ4
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-responding-instance: MZStoreServices:2004712:::
x-b3-traceid: 1fd36e3d4e2bf21878b9dc84353cefcf
x-apple-application-instance: 2004712
date: Fri, 10 May 2024 23:21:56 GMT
x-cache: TCP_MISS from a2-17-100-125.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
b3: 1fd36e3d4e2bf21878b9dc84353cefcf-7f57b7332441934b
content-disposition: attachment; filename=1.txt
content-length: 1943
x-apple-partner: origin.0
x-apple-translated-wo-url: /WebObjects/MZStoreServices.woa/ws/wsLookup?id=1496449684&callback=__jp0&urlDesc=
apple-timing-app: 36 ms
x-true-cache-key: /L/itunes.apple.com/lookup?callback=__jp0&id=1496449684Browser vcd=2897
apple-tk: false
x-cache-remote: TCP_MISS from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
apple-seq: 0
apple-originating-system: MZStoreServices
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-apple-request-uuid: 1fd36e3d-4e2b-f218-78b9-dc84353cefcf
x-b3-spanid: 7f57b7332441934b
x-apple-orig-url: https://mzstoreservices-int-st.itunes.apple.com/lookup?id=1496449684&callback=__jp0
cache-control: max-age=43219
x-webobjects-loadaverage: 0

GET
H2 200 heartline-logo.jpg
assets.prod.heartline.com/@1x/ 89 KB
89 KB 322ms
51ms Image
image/jpeg 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@1x/heartline-logo.jpg
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 643137688116f6663e5895301ac0a728afcd9f07278ed4d6ccaa106a1d26d0fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Mon, 03 Feb 2020 17:06:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "bf3512a803f48fef00c0ff38fe84e204"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 91011
x-amz-cf-id: zjYQJupklSCSE4gK8o22tNEMvcSBx0vQdjKX9lg5JKXIlLQ2Uo35Tg==

GET
H2 200 badge-enrollment-closed-108w@2x.png
assets.prod.heartline.com/@2x/ 12 KB
12 KB 1013ms
743ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/badge-enrollment-closed-108w@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6709b439a43dfcfc87c3e64af68e86843edcc1ad11daac093005b68044cc7cc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Fri, 02 Dec 2022 00:02:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "35b32efe61f5ce787790ea56c596bc50"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12181
x-amz-cf-id: yeeXrAvtZ7p9KR1moZCSetlFk4OtgNMX4cQUssCjNjaPjeOuoMnCPw==

GET
H2 200 get-the-app-50w@2x.png
assets.prod.heartline.com/@2x/ 9 KB
9 KB 478ms
208ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/get-the-app-50w@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 701ef0e6f83eeed02582b76ad2bd7ca59ec770ee3cc3a77eafbcc1ad4b8bb57f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Oct 2019 15:38:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "91fad9cb0fec9ed29f32930a23167180"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8708
x-amz-cf-id: vlTcBl7seE6i8ajcahDn8BxuzzIKxIilk5CxefI572LAUhtUPLW3TQ==

GET
H2 200 j-j-logosignature-rgb-red.png
assets.prod.heartline.com/@1x/ 33 KB
34 KB 399ms
129ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@1x/j-j-logosignature-rgb-red.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e565c631d99997d4f4bf982e1d7b604fd181d76cbd838c98a933c0fe237f01a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 21:33:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "caab4c7631f64f0540399ba7f894cc14"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 34003
x-amz-cf-id: hdwovj19-MrPfvRsgNairqamzCaV99sIPTtNgm-X6ckyzmZK5xxsqA==

GET
H2 200 technology-280w@2x.png
assets.prod.heartline.com/@2x/ 299 KB
300 KB 948ms
677ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/technology-280w@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e325aae49f96d61f87709c238c2e59231b2999581d0791dea6e815fc034f3649

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 13 Feb 2020 19:13:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "a4f39c22bb0373d6d1059e49fd94c6cd"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 306513
x-amz-cf-id: TZ_6IAnHLqlbD0Q3lO7VLpzHhXAbIm6PnZJi-VRglljSZ7RYvnH6-w==

GET
H2 200 02-Study-Phones-01-270x530@2x.png
assets.prod.heartline.com/@2x/ 285 KB
285 KB 412ms
142ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/02-Study-Phones-01-270x530@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e9f43a2dc108ae303a94048a018fbe6cb677fb32f16615bcfbc7eb15664a448

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 02:33:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "a55964b1bf493c545d561ef58a7226f8"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 291647
x-amz-cf-id: ut5AnPxv_hQa6GdnN51RyHa84qquq9D1SeRdVicRTslRm8JQvjW15w==

GET
H2 200 02-Study-Phones-02-270x530@2x.png
assets.prod.heartline.com/@2x/ 154 KB
154 KB 470ms
210ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/02-Study-Phones-02-270x530@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4579c92ab9f209a7790f137588a0820128ce425339739e46c8753717e3b40a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 02:33:52 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "164fc91a985286eeecc6a71264c9e0ff"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 157688
x-amz-cf-id: rcYZV_3u3LuTX6JbPfRbfme7xjnWVygeCqQVTMAhIbsAaXdJTwgE-Q==

GET
H2 200 02-Study-Phones-03-270x530@2x.png
assets.prod.heartline.com/@2x/ 145 KB
145 KB 916ms
657ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/02-Study-Phones-03-270x530@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 953150e2b11342383005ed2063be42fef5f56e18cb192cbd0e93b076839dae37

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 02:33:52 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "8dd9478c5c1427c1aafbdc9876ff9e57"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 148182
x-amz-cf-id: qdQ1guSvBtFFKd4gA0Kj1mkUp4SWH0pAG3Xr87OSy86pjT5bbM3VOw==

GET
H2 200 US-residents-200w@2x.png
assets.prod.heartline.com/@2x/ 25 KB
25 KB 631ms
630ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/US-residents-200w@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b0dd14f503c56b07411f125c35d9c5ffa05d1d6be465aacdc8e31abf11bcce4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Oct 2019 15:38:45 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "461f9a4444aca58cf5392d211b15f94d"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 25313
x-amz-cf-id: xc3t-KE28fiqXyjvm2wG4hLoAUOvYL6lPEITWpj81G7CNUgA2TcXww==

GET
H2 200 03-Eligible-IconPhones-200x200-Desktop@2x.png
assets.prod.heartline.com/@2x/ 16 KB
17 KB 631ms
631ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/03-Eligible-IconPhones-200x200-Desktop@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a84c715a074dd08f866be435f7671173cb3017fa1713863c291d278b077cf6f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 02:34:28 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "f169c01410d1e16861754db3fa80589b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 16889
x-amz-cf-id: s6pYP1cZo6IdXSceVy-HmiiBLbyZu16Wif0qg0edMWqqxvYoQgzStQ==

GET
H2 200 original-medicare-200w@2x.png
assets.prod.heartline.com/@2x/ 25 KB
25 KB 631ms
631ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/original-medicare-200w@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bad3de7ecc61a6eb8e463e1435c57d2647f109a1c29144a17069ba1c2aba9e32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Oct 2019 15:38:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "517489f75c370f08123670096e7c48e3"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 25277
x-amz-cf-id: ZKqUR0uDSUH_fsj4f7tJCN8oxb9h273kuLirz5OA30N0Vc_3-bxCAA==

GET
H2 200 05-Reviews-5Stars-Small-96x20-Both@2x.png
assets.prod.heartline.com/@2x/ 4 KB
5 KB 631ms
631ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/05-Reviews-5Stars-Small-96x20-Both@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d924a677ec1e0bc0f90cf246a82159f882cf1b36365770d051836cf1407e9765

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 19:39:43 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "c49a862cab1a62ba664e07fb842b7412"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4327
x-amz-cf-id: kh1gUURD21HpsxLnqMe_UROQEEKP61s0qFhEvdVo1CgzsG-icDZVwA==

GET
H2 200 06-Privacy-Photo-740x500@2x.png
assets.prod.heartline.com/@2x/ 1 MB
1 MB 631ms
631ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/06-Privacy-Photo-740x500@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ca85ee1a6dce64a2a4abe1dc18b42c926e79e8e4c51a22b14e52e02126bdf32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Wed, 03 Feb 2021 01:42:09 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "64bd248d16fdf6f8a2dfc557c2ae2954"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1402746
x-amz-cf-id: Q5moZFQ22s0AQEy1ugnMXyJFen2dwY2FacELVlWFUZYFlpHyY1JsUQ==

GET
H2 200 jizAREVNn1dOx-zrZ2X3pZvkTi3A_yI0q1s.woff2
fonts.gstatic.com/s/ibmplexserif/v19/ 20 KB
20 KB 167ms
80ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexserif/v19/jizAREVNn1dOx-zrZ2X3pZvkTi3A_yI0q1s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,500,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09590fc991dd3ccddaca937365488b575f929f7a04977ce06620b83f2da0cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heartline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:56:18 GMT
x-content-type-options: nosniff
age: 314738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:39:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:56:18 GMT

GET
H2 200 jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2
fonts.gstatic.com/s/ibmplexserif/v19/ 20 KB
20 KB 130ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexserif/v19/jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,500,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3820b69d59d427a6a13f324cc666d2ede2ece26205a01127fb5d6abd53a77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heartline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:56:42 GMT
x-content-type-options: nosniff
age: 314714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20300
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:44:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:56:42 GMT

GET
H2 200 lineto-circular-book.woff2
heartline.com/fonts/ 50 KB
52 KB 115ms
114ms Font
font/woff2 2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/fonts/lineto-circular-book.woff2

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heartline.com/
Origin: https://heartline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
date: Fri, 10 May 2024 23:21:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P5
x-cache: Hit from cloudfront
content-length: 51112
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
server: cloudflare
etag: "0415b07a54e28ed90ed2129f8d674c12"
x-frame-options: DENY
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 881dab21ffc84d7c-FRA
x-amz-cf-id: Dxfo21snvqSImXzsLwsSGYe8lh_DSccSYS-fYvG7BMp24_7PaEO0YQ==
expires: Sat, 11 May 2024 03:21:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 47ms
47ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=886731542&t=pageview&_s=1&dl=https%3A%2F%2Fheartline.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Welcome%20to%20the%20Heartline%20Study&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1891678493&gjid=806199784&cid=2075064631.1715383317&tid=UA-142447578-1&_gid=1145649032.1715383317&_r=1&_slc=1&z=1506077294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 May 2024 23:21:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heartline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 426834258593087 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 245ms
244ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/426834258593087?v=2.9.156&r=stable&domain=heartline.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097d8c7db1b7561b62c41a6792b4c7c937ce20be103ef8d1c1b71239e5d1a914

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 May 2024 23:21:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=64, mss=1294, tbw=63326, tp=-1, tpl=-1, uplat=202, ullat=0
pragma: public
x-fb-debug: dIDRdVy6Ww761evYceQ3XKMBjd4QxG57Clyki4XPaz8mP9gfdsF611Y07HQ1C4GZd5Z0CniqCEDuKaX4RDVM1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 05-Reviews-4_5Stars-Small-96x20-Both@2x.png
assets.prod.heartline.com/@2x/ 4 KB
5 KB 632ms
631ms Image
image/png 2600:9000:225b:a00:9:7562:8c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.heartline.com/@2x/05-Reviews-4_5Stars-Small-96x20-Both@2x.png
Requested by: Host: heartline.com
URL: https://heartline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a00:9:7562:8c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67d6fb9392a6d55bce15ecde6d9b9b425b02be10cfa586815aeb5638140486ba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:26:25 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 19:39:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46533
etag: "7c3fe7144593175f09310ba376e6ea62"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4403
x-amz-cf-id: _0lM7LXV0vqxRS7igntK_FUvQCtvX3HUoN3hdfSwmnb2QL19EX8flQ==

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=426834258593087&ev=PageView&dl=https%3A%2F%2Fheartline.com%2F&rl=&if=false&ts=1715383317195&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715383317194.538...
https://www.facebook.com/tr/?cdl=API_unavailable&coo=false&dl=https%3A%2F%2Fheartline.com%2F&ec=0&ev=PageView&fbp=fb.1.1715383317194.538195009&id=426834258593087&if=false&it=1715383316939&ler=empty...

0
130 B

39ms
39ms

Image
text/plain

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?cdl=API_unavailable&coo=false&dl=https%3A%2F%2Fheartline.com%2F&ec=0&ev=PageView&fbp=fb.1.1715383317194.538195009&id=426834258593087&if=false&it=1715383316939&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1715383317195&v=2.9.156

Requested by

Host: heartline.com
URL: https://heartline.com/

Protocol

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: MODERATE; q=0.3, rtt=255, rtx=0, c=10, mss=1294, tbw=3340, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 May 2024 23:21:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

x-fb-connection-quality: MODERATE; q=0.3, rtt=362, rtx=0, c=10, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
pragma: no-cache
date: Fri, 10 May 2024 23:21:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?cdl=API_unavailable&coo=false&dl=https%3A%2F%2Fheartline.com%2F&ec=0&ev=PageView&fbp=fb.1.1715383317194.538195009&id=426834258593087&if=false&it=1715383316939&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1715383317195&v=2.9.156
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 favicon-32x32.png
heartline.com/ 2 KB
2 KB 77ms
77ms Other
image/png 2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43f0d8b95345d48773baba6cc933147433e5350a54d8a2a68e0d9e8254d72103

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heartline.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
date: Fri, 10 May 2024 23:21:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P5
x-cache: Hit from cloudfront
content-length: 1593
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
server: cloudflare
etag: "3841eeacf6c55f6d2a0dd24bd78e5336"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 881dab28bc944d7c-FRA
x-amz-cf-id: 0qzSZWe_v7glj8x8fIfneZIiDB-iUW3ObKMxKWKscFsvWjk5rFA-xQ==
expires: Sat, 11 May 2024 03:21:57 GMT

GET
H2 200 favicon-16x16.png
heartline.com/ 828 B
1021 B 80ms
80ms Other
image/png 2606:4700::6812:7f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartline.com/favicon-16x16.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98e2f5889c1e727819dc94632fbe94dd6ec66ae46a9d6e2be382487047ac6ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heartline.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
date: Fri, 10 May 2024 23:21:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
via: 1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P5
x-cache: Hit from cloudfront
content-length: 828
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Dec 2022 19:37:56 GMT
server: cloudflare
etag: "8d8ded6e865ed55d3992507bc2b4f9c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 881dab293cf64d7c-FRA
x-amz-cf-id: OAga5taIjDv7kktmi5XrROu6Vlyb9r0yL6rhjNR4uiuusMIh6dE-rg==
expires: Sat, 11 May 2024 03:21:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heartline.com/	1970-01-21 06:05:43	Name: _ga Value: GA1.2.2075064631.1715383317
.heartline.com/	1970-01-20 20:31:09	Name: _gid Value: GA1.2.1145649032.1715383317
.heartline.com/	1970-01-20 20:29:43	Name: _gat Value: 1
.heartline.com/	1970-01-20 22:39:19	Name: _fbp Value: fb.1.1715383317194.538195009

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://heartline.com/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://connect.facebook.net/signals/config/426834258593087?v=2.9.156&r=stable&domain=heartline.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' connect.facebook.net itunes.apple.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com ajax.googleapis.com s.ytimg.com; connect-src 'self' webadmin.heartline.com admin.heartline.com backend.heartline.com pascal-prod.evidation.com pascal-beta.evidation.com pascal.evidation.com stats.g.doubleclick.net www.google-analytics.com evidation-pascal.zendesk.com www.ups.com itunes.apple.com www.facebook.com; img-src 'unsafe-inline' 'self' www.facebook.com www.google.com www.youtube.com stats.g.doubleclick.net www.google-analytics.com assets.prod.heartline.com i.ytimg.com data:; media-src 'self' assets.prod.heartline.com www.youtube.com i.ytimg.com; frame-src 'self' assets.prod.heartline.com www.youtube.com;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.prod.heartline.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
heartline.com
itunes.apple.com
static.cloudflareinsights.com
www.facebook.com
www.google-analytics.com
static.cloudflareinsights.com
2600:9000:225b:a00:9:7562:8c80:93a1
2606:4700::6812:7f7
2a00:1450:4001:803::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a02:26f0:7100:3b8::2a1
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
097d8c7db1b7561b62c41a6792b4c7c937ce20be103ef8d1c1b71239e5d1a914
0e9f43a2dc108ae303a94048a018fbe6cb677fb32f16615bcfbc7eb15664a448
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b3820b69d59d427a6a13f324cc666d2ede2ece26205a01127fb5d6abd53a77c
39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3
3e565c631d99997d4f4bf982e1d7b604fd181d76cbd838c98a933c0fe237f01a
43f0d8b95345d48773baba6cc933147433e5350a54d8a2a68e0d9e8254d72103
4d5ff0930e51b043aac4b5a933736f702e690f1120e57cfbbb0fa0f9d8b160e5
59f8929b5c76afeed3a46e79aa7e16b1f96b2ce1c71c5113317adeabae819a15
5b0dd14f503c56b07411f125c35d9c5ffa05d1d6be465aacdc8e31abf11bcce4
643137688116f6663e5895301ac0a728afcd9f07278ed4d6ccaa106a1d26d0fa
65a903896c990a4f381f53565ffcb4d9bcc5825ec2f605852c1f35d49d601271
67d6fb9392a6d55bce15ecde6d9b9b425b02be10cfa586815aeb5638140486ba
701ef0e6f83eeed02582b76ad2bd7ca59ec770ee3cc3a77eafbcc1ad4b8bb57f
7a84c715a074dd08f866be435f7671173cb3017fa1713863c291d278b077cf6f
7ca85ee1a6dce64a2a4abe1dc18b42c926e79e8e4c51a22b14e52e02126bdf32
851aa291f30fd14a1e0a8dda83c37a0017ed6bb36909aed74fcdc9f32119389f
953150e2b11342383005ed2063be42fef5f56e18cb192cbd0e93b076839dae37
a4579c92ab9f209a7790f137588a0820128ce425339739e46c8753717e3b40a9
a61690ddbf7df6bc971a0b18aae0b71ccd8132cd77bd3b49d137640966d92f0f
b98e2f5889c1e727819dc94632fbe94dd6ec66ae46a9d6e2be382487047ac6ba
bad3de7ecc61a6eb8e463e1435c57d2647f109a1c29144a17069ba1c2aba9e32
d09590fc991dd3ccddaca937365488b575f929f7a04977ce06620b83f2da0cb0
d924a677ec1e0bc0f90cf246a82159f882cf1b36365770d051836cf1407e9765
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e325aae49f96d61f87709c238c2e59231b2999581d0791dea6e815fc034f3649
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6709b439a43dfcfc87c3e64af68e86843edcc1ad11daac093005b68044cc7cc
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eb865dedc15cc92ed104c5b2169bdaadd23c5473b885d2b087f8ee85613437f4

heartline.com Open in urlscan Pro 2606:4700::6812:7f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

94 %HTTPS

100 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

2942 kBTransfer

3812 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heartline.com Open in urlscan Pro
2606:4700::6812:7f7 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

94 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2942 kB
Transfer

3812 kB
Size

4
Cookies

31 HTTP transactions
0 data transactions