urlscan.io logo urlscan.io
SecurityTrails logo

www.heerlaw.com Open in urlscan Pro
2606:4700:3108::ac42:2872  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heerlaw.com/
Effective URL: https://www.heerlaw.com/
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3108::ac42:2872, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heerlaw.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2023. Valid for: a year.
This is the only time www.heerlaw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
15 2606:4700:310... 13335 (CLOUDFLAR...)
1 9 52.8.98.78 16509 (AMAZON-02)
2 17 54.219.55.129 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 35.193.123.107 396982 (GOOGLE-CL...)
5 18.66.147.31 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
3 3.69.116.253 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.245.62.93 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2 2600:9000:249... 16509 (AMAZON-02)
4 2400:52e0:1e0... 200325 (BUNNYCDN)
1 13.32.118.38 16509 (AMAZON-02)
82 25
1    2606:4700:3108::ac42:2b8e (United States)

ASN13335 (CLOUDFLARENET, US)
heerlaw.com
15    2606:4700:3108::ac42:2872 (United States)

ASN13335 (CLOUDFLARENET, US)
www.heerlaw.com
9    52.8.98.78 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-98-78.us-west-1.compute.amazonaws.com
birdeye.com
webchat.birdeye.com
17    54.219.55.129 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-55-129.us-west-1.compute.amazonaws.com
widgets-v7.birdeye.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
7    35.193.123.107 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.123.193.35.bc.googleusercontent.com
sgtm.heerlaw.com
5    18.66.147.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-31.fra60.r.cloudfront.net
platform.illow.io
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    3.69.116.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-116-253.eu-central-1.compute.amazonaws.com
api.platform.illow.io
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.245.62.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-62-93.fra60.r.cloudfront.net
ddjkm7nmu27lx.cloudfront.net
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2600:9000:2491:a200:16:fecd:21c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1azc1qln24ryf.cloudfront.net
4    2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.icomoon.io
1    13.32.118.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-38.fra60.r.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
Apex Domain
Subdomains		 Transfer
26 birdeye.com
birdeye.com — Cisco Umbrella Rank: 63531
widgets-v7.birdeye.com — Cisco Umbrella Rank: 157957
webchat.birdeye.com — Cisco Umbrella Rank: 277446
420 KB
23 heerlaw.com
heerlaw.com
www.heerlaw.com
sgtm.heerlaw.com
227 KB
8 illow.io
platform.illow.io — Cisco Umbrella Rank: 102595
api.platform.illow.io — Cisco Umbrella Rank: 115545
138 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 734
www.linkedin.com — Cisco Umbrella Rank: 882
px4.ads.linkedin.com — Cisco Umbrella Rank: 7517
3 KB
4 icomoon.io
cdn.icomoon.io — Cisco Umbrella Rank: 20204
50 KB
4 gstatic.com
fonts.gstatic.com
63 KB
4 cloudfront.net
ddjkm7nmu27lx.cloudfront.net
d1azc1qln24ryf.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
50 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4233
611 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 643
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 2066
752 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
498 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
70 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
274 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1224
393 B
1 t.co
t.co — Cisco Umbrella Rank: 766
376 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1756
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1208
15 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1408
7 KB
82 19
Domain Requested by
17 widgets-v7.birdeye.com 2 redirects www.heerlaw.com
birdeye.com
widgets-v7.birdeye.com
15 www.heerlaw.com www.heerlaw.com
static.cloudflareinsights.com
7 webchat.birdeye.com webchat.birdeye.com
7 sgtm.heerlaw.com 1 redirects www.heerlaw.com
sgtm.heerlaw.com
5 platform.illow.io sgtm.heerlaw.com
platform.illow.io
4 cdn.icomoon.io webchat.birdeye.com
cdn.icomoon.io
4 fonts.gstatic.com fonts.googleapis.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
3 www.google.de www.heerlaw.com
3 api.platform.illow.io platform.illow.io
3 bat.bing.com sgtm.heerlaw.com
bat.bing.com
www.heerlaw.com
2 d1azc1qln24ryf.cloudfront.net 2 redirects
2 fonts.googleapis.com widgets-v7.birdeye.com
webchat.birdeye.com
2 stats.g.doubleclick.net 1 redirects www.heerlaw.com
2 connect.facebook.net sgtm.heerlaw.com
connect.facebook.net
2 birdeye.com 1 redirects www.heerlaw.com
1 d3cnqzq0ivprch.cloudfront.net birdeye.com
1 region1.analytics.google.com www.heerlaw.com
1 ddjkm7nmu27lx.cloudfront.net widgets-v7.birdeye.com
1 www.google.com 1 redirects
1 www.facebook.com www.heerlaw.com
1 px4.ads.linkedin.com www.heerlaw.com
1 www.linkedin.com 1 redirects
1 analytics.twitter.com www.heerlaw.com
1 t.co www.heerlaw.com
1 snap.licdn.com sgtm.heerlaw.com
1 static.ads-twitter.com sgtm.heerlaw.com
1 static.cloudflareinsights.com www.heerlaw.com
1 heerlaw.com 1 redirects
82 29
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-06 -
2024-05-05		 a year crt.sh
*.birdeye.com
Go Daddy Secure Certificate Authority - G2		 2023-09-17 -
2024-10-18		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
sgtm.heerlaw.com
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh
platform.illow.io
Amazon RSA 2048 M03		 2024-02-14 -
2025-03-15		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-29 -
2024-03-28		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
api.platform.illow.io
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-26		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
cdn.icomoon.io
R3		 2024-03-03 -
2024-06-01		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.heerlaw.com/
Frame ID: AF2D54C47544399CDE171A637025F5F1
Requests: 47 HTTP requests in this frame

Frame: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Frame ID: F3B6B7FA2C724B0CF0FDD9B721602CE4
Requests: 18 HTTP requests in this frame

Frame: https://platform.illow.io/banner.css
Frame ID: 31006186255F45BA9FA9CAFE5842F2CE
Requests: 3 HTTP requests in this frame

Frame: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Frame ID: EC1D3DB5396121FD17D06AA3FCA81C0E
Requests: 10 HTTP requests in this frame

Frame: https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Frame ID: 96906934EE03D7423AF058E63F1E7A6C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Intellectual Property Lawyers Toronto Canada

Page URL History Show full URLs

  1. http://heerlaw.com/ HTTP 301
    https://www.heerlaw.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • birdeye\.com/embed
  • birdeye\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

82
Requests

91 %
HTTPS

59 %
IPv6

19
Domains

29
Subdomains

25
IPs

3
Countries

1072 kB
Transfer

3177 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heerlaw.com/ HTTP 301
    https://www.heerlaw.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://birdeye.com/embed/v7/169989713065166/8/9876543218815183 HTTP 302
  • https://widgets-v7.birdeye.com/api/embed/v7/169989713065166/8/9876543218815183
Request Chain 35
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D337482%26time%3D1711025783458%26li_adsId%3D92503f17-c980-4d40-9f23-da62c730ffc2%26url%3Dhttps%253A%252F%252Fwww.heerlaw.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJWBjmE5JQowgAAAY5hFYUrZ2WqarpQLNQQsxiMZavexh0LEmo40XfijLlKuNnA0qGEYcBp-G9Hm8Orpuh7sgR27eR8
Request Chain 38
  • https://sgtm.heerlaw.com/j/collect?v=1&_v=j101&a=1842802615&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heerlaw.com%2F&ul=en-us&de=UTF-8&dt=Intellectual%20Property%20Lawyers%20Toronto%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAII~&jid=770807752&gjid=166074259&cid=431561439.1711025784&tid=UA-49323630-1&_gid=797464562.1711025784&_fplc=0&_r=1&gtm=45He43k0n81FVT6W3Rv867761806za200&gcs=G111&gcd=13r3r3r2r5&dma_cps=sypham&dma=1&tcfd=10001&z=1086647614 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_gid=797464562.1711025784&gjid=166074259&_v=j101&z=1086647614 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614&slf_rd=1&random=1389885407
Request Chain 48
  • https://widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/_buildManifest.js HTTP 301
  • https://widgets-v7.birdeye.com/error
Request Chain 50
  • https://widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/_middlewareManifest.js HTTP 301
  • https://widgets-v7.birdeye.com/error
Request Chain 68
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?3vp8 HTTP 302
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Request Chain 78
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?3vp8 HTTP 302
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heerlaw.com/
Redirect Chain
  • http://heerlaw.com/
  • https://www.heerlaw.com/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d21061f14e2946d63eea8af382077bcc6a2541971a7a507f6b98527724b2a645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
639215
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600, public
cf-cache-status
HIT
cf-ray
867e1a049de235e0-FRA
content-encoding
br
content-type
text/html
date
Thu, 21 Mar 2024 12:56:22 GMT
last-modified
Fri, 23 Feb 2024 12:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n778vLDQWRdJL%2B8zgDZbOuW0gQrczO4birZMDESZ%2F32C54Wl32Ky6SFl70of%2Fs8U%2B0ETjreid6kR0rpJWJFukams%2Ftbh1KBQSXz0LBFax9kuRNyiUAxznBZUOypzFjngAL98MhNe3Kq48O8CVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

CF-RAY
867e1a03fab69a2f-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 21 Mar 2024 12:56:22 GMT
Expires
Thu, 21 Mar 2024 13:56:22 GMT
Location
https://www.heerlaw.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoQ5wOpsLLblsHqgTjd%2Fb1uVs1QCyzZqVCTHvlf58PFasCgIIPmpXMfdI18if6XlueCynBSvckmkLWoKLTyMtbvGabLUGM%2FbLwIJNBSGpKErE57aDCk3N3606O5fAMxDXxiYcS1g1YVq"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400
button_larger.png
www.heerlaw.com/images/ 		856 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/button_larger.png
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d6e250e3c1f98cdc80110c9403b8a4dc802c4eaa421177eaafd2c354f30ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3418
content-disposition
inline; filename="button_larger.webp"
alt-svc
h3=":443"; ma=86400
content-length
856
cf-bgj
imgq:85,h2pri
last-modified
Fri, 21 Jun 2019 14:35:27 GMT
server
cloudflare
etag
"d5a-5d0ceb2f-aac7bc945ad001c9;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEIeruzv6uhbcp%2BAh0u0sQyGw8Gk0RDZoj7Hb7J9ie8rzFmMF%2BuLEzbQPRjHl1NwuiZuPRQbUm1KKyP9GCiBVCU3ukPxGIuas9ih6f0IHF9lu17TlpsnBBKspT3wx7vSx5MBn%2Bs22Ln3%2F9OCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04de0d35e0-FRA
expires
Wed, 27 Mar 2024 13:15:17 GMT
logo236.png
www.heerlaw.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/logo236.png
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485fe94fbdcf659250975a6c3e6364a817f3dfe41bdf34e0b45e253af892dd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93321
cf-polished
origFmt=png, origSize=15215
content-disposition
inline; filename="logo236.webp"
alt-svc
h3=":443"; ma=86400
content-length
6692
cf-bgj
imgq:85,h2pri
last-modified
Fri, 21 Jun 2019 15:14:53 GMT
server
cloudflare
etag
"3b6f-5d0cf46d-15d2781cd30362c0;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BKbzJCuJ3wnuA4GK7bTsE9bq7B73sf%2F7FDLbxLW62QX8jzy7q2sYaggFCo5DHctZy4xxPvqXqMrjruWBf7NO9qrzxN8uusWgyYrzNDpf8FerRttZ0Mjq%2FjxIgl0pzyTP370wGkB%2B7SPMcr6Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04de0e35e0-FRA
expires
Wed, 13 Mar 2024 20:21:19 GMT
cs_spec_ont.jpg
www.heerlaw.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/cs_spec_ont.jpg
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7c6b3ad9ff7a1db26ddea3fe1de334e37cfad133393c65c57c445408428ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=8849
content-disposition
inline; filename="cs_spec_ont.webp"
alt-svc
h3=":443"; ma=86400
content-length
6344
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Aug 2019 12:43:34 GMT
server
cloudflare
etag
"2291-5d52b076-85e5822eae868e6a;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkQtiT5psx9f645iz6RhE6Kb6dcL2tMi3lZzDBhcfG4R9JQ450y4%2FMLis%2BzaGCRIF90bs4NW60bCfFPcMCA0k0e%2BcJuo49bRR6Z3%2FAKYlExBdeUNaNRGjnA%2F6rmYza8OXc2O%2BcFV98KVqS736A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe2335e0-FRA
expires
Mon, 25 Mar 2024 20:16:48 GMT
9876543218815183
widgets-v7.birdeye.com/api/embed/v7/169989713065166/8/
Redirect Chain
  • https://birdeye.com/embed/v7/169989713065166/8/9876543218815183
  • https://widgets-v7.birdeye.com/api/embed/v7/169989713065166/8/9876543218815183
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/api/embed/v7/169989713065166/8/9876543218815183
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
bc5e222eac610cf8dab86e7c0e34e1e035cc67ec5fe097bfc52ab29462dd52c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
etag
"577-VlsECd7jvNjATRnynILgapmHdpU"
content-length
1399

Redirect headers

location
https://widgets-v7.birdeye.com:443/api/embed/v7/169989713065166/8/9876543218815183
date
Thu, 21 Mar 2024 12:56:22 GMT
server
awselb/2.0
content-length
110
content-type
text/html
3dc097cddd5d176d4e668673493d9335df09520aaf3243f1
birdeye.com/embed/v6/212351/1/1274932826/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdeye.com/embed/v6/212351/1/1274932826/3dc097cddd5d176d4e668673493d9335df09520aaf3243f1
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
7e5107ae65e5904c1a187d3a3cf864c8bd63aa4867314902fc789b71cd3d4170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Mar 2024 12:56:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
icon_twitter.gif
www.heerlaw.com/images/ 		152 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/icon_twitter.gif
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d469db4a35ccf4be9acc1d38747cbd3df8bbccbc4a4503010dce84312be3ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283435
cf-polished
origFmt=gif, origSize=1355
content-disposition
inline; filename="icon_twitter.webp"
alt-svc
h3=":443"; ma=86400
content-length
152
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Apr 2014 15:21:38 GMT
server
cloudflare
etag
"54b-53553782-12bc31b4de7ed61;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwZuvWkEVSUjQH%2Bag%2F5mAweWg6tSnddrWEBXfL96NxbUGUQQ9w2d2ZVCttmByMZ%2FNLT0mlwnTVjSAq4i0Xya3F0RfREcaoFB6sLebQEZTlYbAckwOtRMLVVKXfvyd8Tf5Z311cTjzqG1r%2BlF3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe2435e0-FRA
expires
Wed, 20 Mar 2024 18:28:18 GMT
icon_facebook.gif
www.heerlaw.com/images/ 		164 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/icon_facebook.gif
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b295d0cbe36a794ad1e070307ec9cba8c4d515e7edb42272350b6ca77611903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
origFmt=gif, origSize=237
content-disposition
inline; filename="icon_facebook.webp"
alt-svc
h3=":443"; ma=86400
content-length
164
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Apr 2014 15:21:06 GMT
server
cloudflare
etag
"ed-53553762-39ac53e224a1d0c;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enV%2BumlsAwXz%2Fzq1O9vHH%2BB11DEXWKsptfUFyVGD7xJwiHE%2FIfrooAG%2Fn2kwrLR3XLRYjrqPmLBWJnwZnBtjwL92NtFN6S9H04gLdA10rRa%2F1K0OoWU7wYRw5ipjV8JpvJpuimtBs2Fdr%2B3Fxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe2635e0-FRA
expires
Wed, 20 Mar 2024 17:07:56 GMT
icon_linkedin.gif
www.heerlaw.com/images/ 		252 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/icon_linkedin.gif
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38df2d555b7590fb1e88d83ae04c98db56bb2419f41fdbed30ad39edef7b28cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
origFmt=gif, origSize=1417
content-disposition
inline; filename="icon_linkedin.webp"
alt-svc
h3=":443"; ma=86400
content-length
252
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Apr 2014 15:21:27 GMT
server
cloudflare
etag
"589-53553777-11b8fe6fead74e0d;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2visRpSXkDxm1tKLFKpvxQiD75%2Fs14YYdEUG4%2BYl81SenjXLXOMoqfDXCqzmBP8gW9hQr%2FeHD1L%2BNofWgzA6%2BzplZL6SzQys8cbkYuYNp9onLfuz%2FZo24mndHn8X3qazRDR1Ty800ZEBfRdbiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe2735e0-FRA
expires
Thu, 21 Mar 2024 18:41:33 GMT
icon_instagram.gif
www.heerlaw.com/images/ 		916 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/icon_instagram.gif
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbcef8d5be2b327c4e1a1f7628377038a2c76b243df7852878253d5a5d3fffd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
origFmt=gif, origSize=1141
content-disposition
inline; filename="icon_instagram.webp"
alt-svc
h3=":443"; ma=86400
content-length
916
cf-bgj
imgq:85,h2pri
last-modified
Thu, 16 Jul 2020 17:56:48 GMT
server
cloudflare
etag
"475-5f1094e0-e824f6c066782d31;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okch8p4BfHoeyCQzYlLEFVljRUYuQfcFNbhbS%2BK%2F%2Bd8tqFPobXTEf2KbAqP8%2Fa2vPbVSTOyMLnZOoS6c%2Bji6DPf8wtRwPqHQ0%2FuMNAH4GH2NKJUO1b%2FBXRw6A%2FXOYKQSTjfsay3uzuiQwof5lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe2835e0-FRA
expires
Wed, 13 Mar 2024 21:33:42 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.heerlaw.com/
Origin
https://www.heerlaw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
867e1a0538de5c1a-FRA
aartjloo.js
sgtm.heerlaw.com/ 		276 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c25db0d4db3861efa04a8e571b321b8f2ec1f26768c025f8708c1d3066a584c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
x-xss-protection
0
expires
Thu, 21 Mar 2024 12:56:22 GMT
stylesheettest-v1.css
www.heerlaw.com/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heerlaw.com/stylesheettest-v1.css
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57245ec63c751c091a6ffbd5a5714757952b1969ebf358b7f8321a01adb84f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
656000
cf-polished
origSize=11264
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 May 2019 11:10:36 GMT
server
cloudflare
etag
W/"2c00-5cd950ac-7d5d9c5825b6a6cb;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYoX9B8wZPXgEtoSgOOzJh9qivDSsmnawKHCP4nyrPFkS3B2ZO8eKPe%2Bn3OuN8QIELhRxqiZIP4RborYpEVPEOoXMeoRficwbIxQCa7Iw6JtAo85EGY4dK6tPgpCSpCrs9prvMM5g03TSTAAnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public
cf-ray
867e1a04fe2a35e0-FRA
expires
Wed, 13 Mar 2024 21:27:42 GMT
page_bkgd_sm.jpg
www.heerlaw.com/images/ 		452 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/page_bkgd_sm.jpg
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b5de4d4ec8bf8f0a4b1072f96248fa5105aa650ab96826b9e1dabd580d9398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
qual=85, origFmt=jpeg, origSize=902
content-disposition
inline; filename="page_bkgd_sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
452
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 Jan 2018 18:27:42 GMT
server
cloudflare
etag
"386-5a4a7d9e-be74c52ed6c303c5;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkWHMdY3cQ%2FpRDq6W0OHIijAgOr8k9GudQWJZq3MgSz4eIIGOmKIcErt4%2BNKaFF5k1%2FQKae6mRG896EmGh3g6otDNde3cOS0DPeMjaP%2Bd%2FLKV%2F0kkP0UthJvssXU73km%2Fegs8z8DcOBtd3PwJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe3035e0-FRA
expires
Thu, 21 Mar 2024 19:39:44 GMT
content_bkgd_tile_rev_sm.jpg
www.heerlaw.com/images/ 		238 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/content_bkgd_tile_rev_sm.jpg
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f259146b8a1803e08f79ccb8f4babf6043187a044479afbb1a61572f230a1872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
qual=85, origFmt=jpeg, origSize=877
content-disposition
inline; filename="content_bkgd_tile_rev_sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
238
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 Jan 2018 18:27:43 GMT
server
cloudflare
etag
"36d-5a4a7d9f-425bea77bfbf190c;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMJQs%2BWH6FMKIaJ9ppJcetEc3Z42AEnHj72bdlvKJ87wtoldvyuPQADxA9wGFjWn0gOB7q1NmQhtGA5eqcOFiwy93MIURCA4GXErDbIfGVP8YMbDj%2BUgSYkZMInt4aoSobrql2K0%2FcDb7dekVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe3135e0-FRA
expires
Thu, 14 Mar 2024 21:19:51 GMT
banner_bg.png
www.heerlaw.com/images/ 		580 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/banner_bg.png
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1706b40397f2758d8d13ea57199acee5e6859bab47cfa90645a6445897171411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
origFmt=png, origSize=1279
content-disposition
inline; filename="banner_bg.webp"
alt-svc
h3=":443"; ma=86400
content-length
580
cf-bgj
imgq:85,h2pri
last-modified
Fri, 19 Aug 2016 16:02:50 GMT
server
cloudflare
etag
"4ff-57b72daa-23d974c0193fbdbb;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5zW%2F%2FWWI3ZfFYcQ7nawvv7jUfy8woOPGD%2Fq%2Fd060Ad1Ttfhn3TNSHjh%2FoiwfTivqdCFVEA1d%2Be3m%2FrvwR3KmNFGLU57p5Et0OAcU3nWOoebFcuPbGAAgACrjgiUTPS7%2BJmjbDaKiM6vNrVexg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe3335e0-FRA
expires
Fri, 15 Mar 2024 22:43:13 GMT
content_bkgd_rev_sm.jpg
www.heerlaw.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/content_bkgd_rev_sm.jpg
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7838df8b87dc908efb38a9c6461c8c42113d3bccf33192f18d9415e4084522bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283434
cf-polished
qual=85, origFmt=jpeg, origSize=4237
content-disposition
inline; filename="content_bkgd_rev_sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
1176
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 Jan 2018 18:27:43 GMT
server
cloudflare
etag
"108d-5a4a7d9f-251580d18fbe5bc2;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GfDbCXifSqahi8dBfVlSVbJWv9yAMLNlZUj%2BqF2SHUmnkCm5hanvt2VBNPyMJ6TB53zxnsC5oI6DYkpadrxGOJO%2F%2BscdWf686HX2%2FUROC8iDixZcabCcaRJcCN6a3muNI8jkx58rnlUE4LZ3UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe3535e0-FRA
expires
Wed, 13 Mar 2024 20:21:20 GMT
footer_bkgd_rev_sm.jpg
www.heerlaw.com/images/ 		760 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heerlaw.com/images/footer_bkgd_rev_sm.jpg
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1c7065493814e93a13eee0c961cb7e68d7b8b4cacb4a9326aab2b2c986f4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283435
cf-polished
qual=85, origFmt=jpeg, origSize=2919
content-disposition
inline; filename="footer_bkgd_rev_sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
760
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 Jan 2018 18:27:42 GMT
server
cloudflare
etag
"b67-5a4a7d9e-330efa7fb5ff338;;;"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5jtJbDGrRMd%2Bu1fHJAznGCR1C9zclg6mkCrCDZUuZusGS1w4xSrAxMtZvW49u60lFgzOSn%2BjA5rARu16bCn%2Bs5sff1wQG7eFxyFObb%2B1zbrKxKJjQ72The3tS4cUlth9ytKdhJIS5K7JIrcOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
867e1a04fe3635e0-FRA
expires
Wed, 13 Mar 2024 20:21:20 GMT
banner.js
platform.illow.io/ 		168 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df91b473117de661f362bbd48c678426fc3314e096d65521b6fd6083abaf308
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 19:44:26 GMT
x-amz-version-id
g5DTyCMJJeGbHK6pQbyxayNxzCCx3ELe
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
61918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 09:46:05 GMT
server
AmazonS3
etag
W/"013da862f2515f1c6a00338d3802689c"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=UTF-8
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
qcBy97s3wZxgzrZ1mJ5fFRSClVXnfk3zjHUAqZRsoFM1NM-vVvIVLQ==
gtaartjloo.js
sgtm.heerlaw.com/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sgtm.heerlaw.com/gtaartjloo.js?id=G-C3CYZYC7FE&l=dataLayer&cx=c
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
23b28f02daaa2610141b45998ac15eaaf5c8be7df1410d00ad50f6585fd76284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
x-robots-tag
noindex
access-control-allow-headers
Cache-Control
x-xss-protection
0
expires
Thu, 21 Mar 2024 12:56:23 GMT
analytics.js
sgtm.heerlaw.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sgtm.heerlaw.com/analytics.js
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
nginx
age
6371
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
x-robots-tag
noindex
content-length
20994
expires
Thu, 21 Mar 2024 13:10:12 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 21 Mar 2024 12:56:23 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C15B3527D85437C832714A0D6FDA8F1 Ref B: FRAEDGE1313 Ref C: 2024-03-21T12:56:23Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
fbevents.js
connect.facebook.net/en_US/ 		216 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 12:56:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1326, tbw=2767, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
5TSi1JvssXUuHQ+XAqErsdgfZDBZoOmEdrqySKGUgI71B39HmrWCP8jadDwhsl0QK4DPWPUw/gZOM4Q3F5Y7Sw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200169-IAD, cache-fra-etou8220040-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/aartjloo.js?id=GTM-FVT6W3R
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=40671
accept-ranges
bytes
content-length
17224
data
sgtm.heerlaw.com/ 		35 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sgtm.heerlaw.com/data?v=2&event_name=page_view&dtdc=eyJwYWdlX2xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuaGVlcmxhdy5jb20vIiwicGFnZV9ob3N0bmFtZSI6Ind3dy5oZWVybGF3LmNvbSIsInBhZ2VfcmVmZXJyZXIiOiIiLCJwYWdlX3RpdGxlIjoiSW50ZWxsZWN0dWFsIFByb3BlcnR5IExhd3llcnMgVG9yb250byBDYW5hZGEiLCJwYWdlX2VuY29kaW5nIjoiVVRGLTgiLCJldmVudF9pZCI6InBhZ2Vfdmlld18xNzExMDI2NDYyNDQ2XzE3MTEwMjYyMDUxMzczIn0%3D
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:23 GMT
access-control-max-age
600
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b0f96135-2054-43af-8b7e-abdba370cc58&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9bf515fd-dd77-4180-8370-8aeac4ecdb00&tw_document_href=https%3A%2F%2Fwww.heerlaw.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9fra&type=javascript&version=2.3.29
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
112
date
Thu, 21 Mar 2024 12:56:23 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d0c0a892b91f44a0
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
7f54b9ae0ab4dfa0f9d1a60aced37419f64072bb66685654f51abfd6c09aa1a7
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b0f96135-2054-43af-8b7e-abdba370cc58&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9bf515fd-dd77-4180-8370-8aeac4ecdb00&tw_document_href=https%3A%2F%2Fwww.heerlaw.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9fra&type=javascript&version=2.3.29
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
113
date
Thu, 21 Mar 2024 12:56:23 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
c62124052351c001
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
38bac39861d8953583fcae6883d419cbfcfcaed184bd9d6c1d7ecc4aec8b5316
content-length
43
5708160.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5708160.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 21 Mar 2024 12:56:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C5797133748946B2A0B98AF1D925ED00 Ref B: FRAEDGE1313 Ref C: 2024-03-21T12:56:23Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5708160&tm=gtm002&Ver=2&mid=b19d6fd7-66e9-4e12-8adb-8fbf7629caa7&sid=6bbca550e78211eebfcafbee5f6f10aa&vid=6bbca180e78211eea80721b0cfe5dcaa&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Intellectual%20Property%20Lawyers%20Toronto%20Canada&kw=Heer%20Law,%20patent%20lawyer%20Toronto,%20Toronto%20patent%20lawyer,%20patent%20lawyers%20Toronto,%20patent%20attorney%20Toronto,%20patent%20lawyers,%20patent%20lawyer,%20patent%20lawyer%20canada,%20patent%20agent%20Toronto,%20patent%20attorney,%20Canadian%20patent%20attorney,%20intellectual%20property%20lawyer%20Toronto,%20ip%20law%20firms%20Toronto,%20intellectual%20property%20lawyers%20Toronto,%20patent%20attorney%20Canada,%20Toronto%20patent%20lawyers,%20patent%20law,%20intellectual%20property%20lawyer&p=https%3A%2F%2Fwww.heerlaw.com%2F&r=&lt=745&evt=pageLoad&sv=1&rn=300412
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 12:56:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19B7B8182A91466AA95970774F5B4D98 Ref B: FRAEDGE1313 Ref C: 2024-03-21T12:56:23Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1333441313692033
connect.facebook.net/signals/config/ 		54 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1333441313692033?v=2.9.150&r=stable&domain=www.heerlaw.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0eb52841327b868ace2eb7d0a7ecd8f8af01a53d586eba23136fc37b98fdf809
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 12:56:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=63, mss=1326, tbw=62798, tp=-1, tpl=-1, uplat=125, ullat=0
pragma
public
x-fb-debug
PnCGCRbdMXfdrxhEr37eSco80UAUjtfJ8uhy10L/kM4JWydo3I4uoszDwGxN+1mdKaTmc3ayq1kKQ1fRX6Etkg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
en.json
platform.illow.io/translations/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/translations/en.json
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0e8e41304ba0911dd46cb187cbc21ec890338123aed8c1b3e47402a9bd3e3eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 19:44:28 GMT
x-amz-version-id
JKzBYbKN6sah0mluA7suXh.MBnYQQig.
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
61916
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 09:46:09 GMT
server
AmazonS3
etag
W/"509851e0ec6d93980a58b866615ae973"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
02U2HaVrVGV8OSXaNvjTcbiegZPVVnLmjoEBoogsl3A9xVPseEBngg==
5c47f19e-88da-4396-9b9c-851fefa94f1d
api.platform.illow.io/public/cookies/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/5c47f19e-88da-4396-9b9c-851fefa94f1d?lng=en
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.116.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-116-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
138cf4ce8e23a88ffea4beee68f09116c7c5dce88bb2aa3240f93ab86e8490a3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
4034
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"fc2-fbyLjkdnIapXkSLzv6QFDiMKGd4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
configurations
api.platform.illow.io/public/cookies/5c47f19e-88da-4396-9b9c-851fefa94f1d/ 		101 B
765 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/5c47f19e-88da-4396-9b9c-851fefa94f1d/configurations
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.116.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-116-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
829870f4df97fb9b39defdd22d8178dc3c8e5a5910687d4427114369c67c8d82
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
101
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"65-ClLOUy+lF1iUpq3tfOsryGYCKHA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
5c47f19e-88da-4396-9b9c-851fefa94f1d
api.platform.illow.io/public/banner-customization/ 		527 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/banner-customization/5c47f19e-88da-4396-9b9c-851fefa94f1d?lng=en
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.116.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-116-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f59d04741a5779593b6625328a353a7df3d2c6254b4428a339dc6472e05780b0
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
527
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"20f-IvoGamEjGoKN7+BMi1o7l/ClAmw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
/
px.ads.linkedin.com/wa/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.heerlaw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 12:56:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 666205E96B0146459CDD2AD56DB1DFF1 Ref B: FRAEDGE1410 Ref C: 2024-03-21T12:56:23Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.heerlaw.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYUKzwIH0BjgulZma6pXQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D337482%26time%3D1711025783458%26li_adsId%3D92503f17-c980-4d40-9f23-da62c730ffc2%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=tru...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJWBjmE5JQowgAAAY5hFYUrZ2WqarpQLNQQsxiMZavexh0LEmo40XfijLlKuNnA0qGEYcBp-G9Hm8Orpuh7sgR27eR8
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FEB77A0D32DF40B5AA2C40F1936C3FE3 Ref B: FRAEDGE1122 Ref C: 2024-03-21T12:56:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUKzwTdr6YH46l09C50w==

Redirect headers

date
Thu, 21 Mar 2024 12:56:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7F29EE53032E45ABADDA92EA313F4854 Ref B: FRAEDGE1410 Ref C: 2024-03-21T12:56:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=337482&time=1711025783458&li_adsId=92503f17-c980-4d40-9f23-da62c730ffc2&url=https%3A%2F%2Fwww.heerlaw.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJWBjmE5JQowgAAAY5hFYUrZ2WqarpQLNQQsxiMZavexh0LEmo40XfijLlKuNnA0qGEYcBp-G9Hm8Orpuh7sgR27eR8
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUKzwQCW+dRHTPNdpg7g==
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1333441313692033&ev=PageView&dl=https%3A%2F%2Fwww.heerlaw.com%2F&rl=&if=false&ts=1711025783615&sw=1600&sh=1200&v=2.9.150&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1711025783615.2077626580&ler=empty&cdl=API_unavailable&it=1711025783452&coo=false&eid=page_view_1711026462446_17110262051373&tm=1&rqm=GET
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1326, tbw=2759, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 21 Mar 2024 12:56:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
widgets
widgets-v7.birdeye.com/api/ Frame F3B6 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Requested by
Host: birdeye.com
URL: https://birdeye.com/embed/v7/169989713065166/8/9876543218815183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e887271c203db4703ab490c2082ea7162ed4b526508073d151b718d331e52573

Request headers

Referer
https://www.heerlaw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://app.birdeye.com
content-length
13104
date
Thu, 21 Mar 2024 12:56:23 GMT
etag
"3330-9274QTaCeKcvgLEs2865HCmuSqk"
vary
Origin
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://sgtm.heerlaw.com/j/collect?v=1&_v=j101&a=1842802615&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heerlaw.com%2F&ul=en-us&de=UTF-8&dt=Intellectual%20Property%20Lawyers%20Toronto%20Canada&sd=24-bit&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_gid=797464562.1711025784&gjid=166074...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614&slf_rd=1&random=138...
42 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614&slf_rd=1&random=1389885407
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-49323630-1&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&jid=770807752&_v=j101&z=1086647614&slf_rd=1&random=1389885407
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ngtaartjloo
sgtm.heerlaw.com/ 		799 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.heerlaw.com/ngtaartjloo?v=2&tid=G-C3CYZYC7FE&gtm=45je43k0v874991392z8867761806za200&_p=1711025782543&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=431561439.1711025784&ecid=920986954&ul=en-us&sr=1600x1200&_fplc=0&ur=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=DE&sst.rnd=1112044717.1711025784&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13r3r3r2r5&sst.adr=1&sst.tft=1711025782543&sst.ude=0&_s=1&sid=1711025783&sct=1&seg=0&dl=https%3A%2F%2Fwww.heerlaw.com%2F&dt=Intellectual%20Property%20Lawyers%20Toronto%20Canada&en=page_view&_fv=1&_ss=1&tfd=1499&richsstsse
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/gtaartjloo.js?id=G-C3CYZYC7FE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
/
Resource Hash
41112e5a8e198b00608f3b9a40b9c3a10b443a2d97bee71ab2542c8f7a3c722b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://www.heerlaw.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
banner.css
platform.illow.io/ Frame 3100 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.css
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=5c47f19e-88da-4396-9b9c-851fefa94f1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bac1491e8feef087f0eae24ae022e836b78dd7f5de192adbdfcfc51a447be9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 19:44:27 GMT
x-amz-version-id
L5InG1apGs9z4n.OYY75lQOghQw0mj5c
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
61917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 09:46:02 GMT
server
AmazonS3
etag
W/"62b19e8e516bc3726211efe3bab27df9"
vary
Accept-Encoding, Origin
content-type
text/css
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
BQboh5IXfXcqHalKwdY__tAedRltEQyrywR7cu3XJtarY7s8Tpu9Bw==
eda81cd4507e537c.css
widgets-v7.birdeye.com/_next/static/css/ Frame F3B6 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/css/eda81cd4507e537c.css
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 02:10:21 GMT
etag
W/"3eca-18dd3ba56c8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
543b166e566793c9.css
widgets-v7.birdeye.com/_next/static/css/ Frame F3B6 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/css/543b166e566793c9.css
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 05:09:41 GMT
etag
W/"1754-18dd45e8608"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-514908bffb652963.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame F3B6 		1 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/webpack-514908bffb652963.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 05:09:42 GMT
etag
W/"5c0-18dd45e89f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework-91d7f78b5b4003c8.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame F3B6 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 02:10:21 GMT
etag
W/"1fc6a-18dd3ba56c8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-ba832cad11a030f7.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame F3B6 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/main-ba832cad11a030f7.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 02:10:21 GMT
etag
W/"1ba4a-18dd3ba56c8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-9813aaabf7b75be1.js
widgets-v7.birdeye.com/_next/static/chunks/pages/ Frame F3B6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/pages/_app-9813aaabf7b75be1.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 05:09:41 GMT
etag
W/"11ed-18dd45e8608"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
new-rotating-8a699c6e04dc2ec5.js
widgets-v7.birdeye.com/_next/static/chunks/pages/v8/ Frame F3B6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/pages/v8/new-rotating-8a699c6e04dc2ec5.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 05:09:41 GMT
etag
W/"3101-18dd45e8608"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
error
widgets-v7.birdeye.com/ Frame F3B6
Redirect Chain
  • https://widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/_buildManifest.js
  • https://widgets-v7.birdeye.com/error
2 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/error
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/ Next.js
Resource Hash
4e88e1b96be299fe55694e316cde7a85da17582309bf2757724988484564eca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
x-powered-by
Next.js
etag
"61d-l4JdnSdwaDT2PBoLZeuCqvtvXcA"
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
/error
date
Thu, 21 Mar 2024 12:56:24 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
_ssgManifest.js
widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/ Frame F3B6 		77 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/_ssgManifest.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
last-modified
Fri, 23 Feb 2024 02:10:21 GMT
etag
W/"4d-18dd3ba56c8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
77
error
widgets-v7.birdeye.com/ Frame F3B6
Redirect Chain
  • https://widgets-v7.birdeye.com/_next/static/6fVDV2sPbSJr6yV2hGjkG/_middlewareManifest.js
  • https://widgets-v7.birdeye.com/error
2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-v7.birdeye.com/error
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/ Next.js
Resource Hash
194ee1066c8df873c3f96fe8abf60d7aef9e72964a2cc8444cbe4eabc3f5f41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
x-powered-by
Next.js
etag
"61d-lZZE2lhldCZxSTyo/8QTNL7oD+0"
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
/error
date
Thu, 21 Mar 2024 12:56:24 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
css2
fonts.googleapis.com/ Frame F3B6 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 12:37:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 12:56:23 GMT
5fc65c84fc85484e9362da65b6206588.png
ddjkm7nmu27lx.cloudfront.net/305358015/ Frame F3B6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddjkm7nmu27lx.cloudfront.net/305358015/5fc65c84fc85484e9362da65b6206588.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e0efb3aa1f37bb0cd7e8aff64a821d8c8fd8c2886545ece8adf3bf059613914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 17:51:05 GMT
x-amz-version-id
AC0hxpmdcyiV5CMoNrFRW6kaMdpOy3QH
via
1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
last-modified
Sat, 16 Mar 2024 20:39:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
68719
etag
"3790f7b0ad4790d8e58d7f4d54c63c7e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
25113
x-amz-cf-id
b5SaLLK_63w1Yf8H8oB7JVpftKwkpyzWDciHWNkp43KPQjXu8pxdeA==
left-arrow.png
widgets-v7.birdeye.com/ Frame F3B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets-v7.birdeye.com/left-arrow.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
cache-control
public, max-age=0
last-modified
Fri, 23 Feb 2024 02:09:22 GMT
accept-ranges
bytes
etag
W/"746-18dd3b97050"
content-length
1862
content-type
image/png
right-arrow.png
widgets-v7.birdeye.com/ Frame F3B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets-v7.birdeye.com/right-arrow.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
cache-control
public, max-age=0
last-modified
Fri, 23 Feb 2024 05:08:25 GMT
accept-ranges
bytes
etag
W/"782-18dd45d5d28"
content-length
1922
content-type
image/png
birdeye-logo.svg
widgets-v7.birdeye.com/ Frame F3B6 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets-v7.birdeye.com/birdeye-logo.svg
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.55.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-55-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=169989713065166&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2024 02:09:22 GMT
etag
W/"c2c-18dd3b97050"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 3100 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://www.heerlaw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 19:44:26 GMT
x-amz-version-id
VFVW_NbAZoIX8XZyrcu_QbH9VWYgwdDg
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
61917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 09:46:02 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
nJX71R7qiO4U0x5fvovU6XLL0Za41TBAOtZoLo9l8SuIE5Ek2s8zhA==
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 3100 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://www.heerlaw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 19:44:26 GMT
x-amz-version-id
VFVW_NbAZoIX8XZyrcu_QbH9VWYgwdDg
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
61917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 09:46:02 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
pfPFwklzyNuo0xgst0uICnEH1xjM1FFphsLJW2QPSuQd_c8KRQ-DiQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3B6 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widgets-v7.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options
nosniff
age
239176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 18:30:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3B6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widgets-v7.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options
nosniff
age
191457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:45:27 GMT
ngtaartjloo
sgtm.heerlaw.com/ 		331 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.heerlaw.com/ngtaartjloo?v=2&tid=G-C3CYZYC7FE&gtm=45je43k0v874991392za200&_p=1711025782543&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=431561439.1711025784&ecid=920986954&ul=en-us&sr=1600x1200&_fplc=0&ur=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&sst.uc=DE&sst.rnd=1112044717.1711025784&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13r3r3r2r5&sst.adr=1&sst.tft=1711025782543&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1711025783&sct=1&seg=0&dl=https%3A%2F%2Fwww.heerlaw.com%2F&dt=Intellectual%20Property%20Lawyers%20Toronto%20Canada&en=scroll&epn.percent_scrolled=90&_et=1&tfd=2001&richsstsse
Requested by
Host: sgtm.heerlaw.com
URL: https://sgtm.heerlaw.com/gtaartjloo.js?id=G-C3CYZYC7FE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
/
Resource Hash
3a320891a471c884f1d33e34a7e5b24c4bb3e0234bebcb2d1b0465d286b2e57d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://www.heerlaw.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
collect
region1.analytics.google.com/g/s/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e43k0h2v874991392z8867761806z9889297628za200&_gsid=C3CYZYC7FErrjWzIQAGxYqit8uGeIMQQ
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-C3CYZYC7FE&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&gtm=45j91e43k0h2v874991392z8867761806z9889297628za200&aip=1&z=653951262
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-C3CYZYC7FE&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&gtm=45j91e43k0h2v874991392z8867761806z9889297628za200&aip=1
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-C3CYZYC7FE&cid=iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784&gtm=45j91e43j1v874991392z9889297628za200&aip=1&z=109113442
Requested by
Host: www.heerlaw.com
URL: https://www.heerlaw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
www.heerlaw.com/cdn-cgi/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heerlaw.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.heerlaw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.heerlaw.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
867e1a120adb1c32-FRA
getBubbleContent
webchat.birdeye.com/ Frame EC1D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
2161c802892cde2abd9c11d877607abf4105cac0fa0650b49dde06d316ce06b6

Request headers

Referer
https://www.heerlaw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 12:56:24 GMT
etag
W/"59d-PZTPmfRL6vq8dMGTWag1VRoaqmg"
vary
Accept-Encoding
x-powered-by
Express
css
fonts.googleapis.com/ Frame EC1D 		9 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 12:34:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 12:56:24 GMT
style-cf.css
cdn.icomoon.io/101518/birdeye-fonts/ Frame EC1D
Redirect Chain
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?3vp8
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Protocol
H2
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
fb3084b6aafbd57352e66ecf56e47b8ed9fc8eb669e5a8679d7e75e9b153dba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-cachedat
11/10/2023 22:09:12
cdn-pullzone
1460617
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9f7603551d1bb5afe75e2407bb83946c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
9708e7d8a2495348b3256a65fa25df6d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Thu, 21 Mar 2024 12:56:24 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
vary
Origin
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
XowsuLU_W4Dk01vh-jgmLC0EwsojjaX2rjp_ca92risXdT9U8F6Lew==
bubbleStyle.css
webchat.birdeye.com/public/ Frame EC1D 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/public/bubbleStyle.css
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
b8cb4156e61d26dfdc3d270e9a846a91568f239044ee1ff0a9da22f4f505ac32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
content-encoding
gzip
last-modified
Fri, 16 Feb 2024 02:40:27 GMT
x-powered-by
Express
etag
W/"374-18dafc96178"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
884
bubble.js
webchat.birdeye.com/public/ Frame EC1D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/public/bubble.js
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
63c7d49a99f3690baeff8db69c4164f23abcd007d508b588d8b311e78e4d7578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:24 GMT
content-encoding
gzip
last-modified
Fri, 16 Feb 2024 02:40:27 GMT
x-powered-by
Express
etag
W/"186c-18dafc96178"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6252
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC1D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://webchat.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options
nosniff
age
191458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:45:27 GMT
getChatWindowContent
webchat.birdeye.com/ Frame 9690 		121 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
22f72eb1c974018c04e51720c5e9d572190b5def9ebf9f4a2784ebd33a62cc35

Request headers

Referer
https://www.heerlaw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 12:56:25 GMT
etag
W/"1e54e-5tZPU8K/SKDPMQUbnsx9EvNMj6Y"
vary
Accept-Encoding
x-powered-by
Express
event
webchat.birdeye.com/webchat/ Frame EC1D 		38 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/webchat/event
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/public/bubble.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
779865aa88c55099ab49e1559fb392b209469f9d96f32bbe8df5e72b5d6807ec

Request headers

Accept
application/json
Referer
https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=212351&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
x-powered-by
Express
etag
W/"26-HWRXQbvPRDu7PxuiqCXZN7llGK0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
38
truncated
/ Frame EC1D 		372 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a91bf53b415247694755ef78d21c629ddb4ead2008de169459b166870784e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff2
cdn.icomoon.io/101518/birdeye-fonts/ Frame EC1D 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/birdeye-fonts/icomoon.woff2?j2kjmz
Requested by
Host: cdn.icomoon.io
URL: https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4c75548f4dd89a8e6e7e668c6a51abe6deab1c58cd28bd9a986f36d5b52f3a06

Request headers

Referer
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Origin
https://webchat.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
cdn-edgestorageid
755
cdn-cachedat
03/08/2024 04:52:08
cdn-pullzone
1460617
content-length
20504
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"62aa930fd3a8ab540d18cbbb5f4b2c1e"
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
1d9b66a27efeebbdcb79e4696c19b421
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
chatWindow.js
webchat.birdeye.com/public/ Frame 9690 		1 MB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/public/chatWindow.js
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
14c29b3d8c7a5955dfec617a7081421c3fd639760291d932114c94a0b9e7ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
content-encoding
gzip
last-modified
Fri, 16 Feb 2024 02:40:27 GMT
x-powered-by
Express
etag
W/"4185c-18dafc96178"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
268380
chatWindowStyle.css
webchat.birdeye.com/public/ Frame 9690 		35 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webchat.birdeye.com/public/chatWindowStyle.css
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.8.98.78 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-98-78.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
43bf66b8221eb32ef80fcfe46173876a73feaf8e5270583fae76d593de624b2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
content-encoding
gzip
last-modified
Fri, 16 Feb 2024 02:40:27 GMT
x-powered-by
Express
etag
W/"3000-18dafc96178"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12288
style-cf.css
cdn.icomoon.io/101518/birdeye-fonts/ Frame 9690
Redirect Chain
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?3vp8
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Requested by
Host: webchat.birdeye.com
URL: https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=212351&mobileRequired=1&defaultCountryCode=0&apikey=3dc097cddd5d176d4e668673493d9335df09520aaf3243f1&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Protocol
H2
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
fb3084b6aafbd57352e66ecf56e47b8ed9fc8eb669e5a8679d7e75e9b153dba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webchat.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-cachedat
11/10/2023 22:09:12
cdn-pullzone
1460617
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9f7603551d1bb5afe75e2407bb83946c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b44d0fe1f6d232e327ccc8ac07e4aef8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Thu, 21 Mar 2024 12:56:25 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
vary
Origin
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
lJivXIAZ7t9P4jtGiKWkmfmdbOlrxhfX1BJixaR4MLGPTBZ279ttuA==
truncated
/ Frame 9690 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb388b6d0cca7502cd083e2b4c5a013d6a4437ae2477e738ef675248bf77df5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff2
cdn.icomoon.io/101518/birdeye-fonts/ Frame 9690 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/birdeye-fonts/icomoon.woff2?j2kjmz
Requested by
Host: cdn.icomoon.io
URL: https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4c75548f4dd89a8e6e7e668c6a51abe6deab1c58cd28bd9a986f36d5b52f3a06

Request headers

Referer
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Origin
https://webchat.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:25 GMT
cdn-edgestorageid
755
cdn-cachedat
03/08/2024 04:52:08
cdn-pullzone
1460617
content-length
20504
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"62aa930fd3a8ab540d18cbbb5f4b2c1e"
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5964d80a83bef153ea133fe4b2b3aff9
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC1D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://webchat.birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options
nosniff
age
239179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 18:30:08 GMT
notification-sound.mp3
d3cnqzq0ivprch.cloudfront.net/prod/media/ 		24 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3cnqzq0ivprch.cloudfront.net/prod/media/notification-sound.mp3
Requested by
Host: birdeye.com
URL: https://birdeye.com/embed/v6/212351/1/1274932826/3dc097cddd5d176d4e668673493d9335df09520aaf3243f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080e668f4d6abe04b61ba984af0430b89b03d0043738a97703de0f57c5e3fb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heerlaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:56:28 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
24693
last-modified
Mon, 12 Jun 2023 23:14:52 GMT
server
AmazonS3
etag
"d7241ff2f74b80d2073d78efe6f1326b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
audio/mp3
access-control-allow-origin
*
vary
Origin
accept-ranges
bytes
x-amz-cf-id
hx4OflviHLgaOCHTXJ1u-zbAnaxjDwLFPqfFsNh-1ZIbVdG6O3at3A==

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer number| wid number| update number| soundOff object| envObj number| emailRequired number| defaultCountryCode number| mobileRequired string| apikey number| widgetApiVersion number| bNum boolean| isMicroSite boolean| frmMicrosite boolean| isWidgetAlignLeft boolean| activationStatus boolean| source object| bizDataResp object| be_webchat object| __cfBeacon object| google_tag_manager object| google_tag_data object| __tcfapiQueue function| __tcfapi string| GoogleAnalyticsObject function| ga number| gtmPageLoadId function| fbq function| _fbq object| _fbq_gtm_ids function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| regeneratorRuntime object| twttr function| UET function| UET_init function| UET_push object| ueto_5f81cf407f object| uetq object| illow object| wibson function| lintrk object| ORIBILI object| gaplugins function| onYouTubeIframeAPIReady function| gtag object| gaGlobal object| gaData

24 Cookies

Domain/Path Name / Value
birdeye.com/ Name: AWSALBCORS
Value: 6OOX4CrlMR3uLzfOFySZcUYma3TjGcuO2LBIvyA+nLaj6M0wr6G6ZdkefhWlWBL2aRXUhLrSjWcihPG29etT5aDMHE19ovWCWd38DllQ2XWXseVOl1tPAhGH4Ecl
.heerlaw.com/ Name: _uetsid
Value: 6bbca550e78211eebfcafbee5f6f10aa
.heerlaw.com/ Name: _uetvid
Value: 6bbca180e78211eea80721b0cfe5dcaa
.bing.com/ Name: MUID
Value: 2351BBBD2D9667A60BD6AFF42C44663A
.t.co/ Name: muc_ads
Value: 47fe5a2c-7e78-42ba-aa3c-d62526299b35
.heerlaw.com/ Name: _fbp
Value: fb.1.1711025783615.2077626580
.twitter.com/ Name: personalization_id
Value: "v1_cwy61VmOQtm5BWKbtF9iKg=="
.heerlaw.com/ Name: _dcid
Value: dcid.1.1711025783478.814662127
.linkedin.com/ Name: li_sugr
Value: 333f3904-66d3-4206-ace2-844a99ca6b20
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2736:u=1:x=1:i=1711025783:t=1711112183:v=2:sig=AQF7VlrKmxCstF_ie-5lj1dhnVBHs-ab"
.heerlaw.com/ Name: _gid
Value: GA1.2.797464562.1711025784
.linkedin.com/ Name: UserMatchHistory
Value: AQKCiPzxOSG3EQAAAY5hFYPFsV8wCDcmReb4GO6tky2hW_Rm7EayJfWkfIyP18A7BZPu9cVfg0WgXQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKikTD2QKT6qwAAAY5hFYPFzvrdlQiVVCdZw7-CfizDJTb4XvJZcBPmud9J9cu1kKWNwCgE4LHkQnLNyXN8aQ
.linkedin.com/ Name: bcookie
Value: "v=2&4464c7c0-2b56-430a-846c-6642af4fab77"
.heerlaw.com/ Name: _gat_UA-49323630-1
Value: 1
.heerlaw.com/ Name: _ga
Value: GA1.1.431561439.1711025784
.heerlaw.com/ Name: _ga_C3CYZYC7FE
Value: GS1.1.1711025783.1.0.1711025783.0.0.920986954
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240321125623184e508f-d1de-498e-85ed-8b2cc4ab815cAQENrTmuoGEUhwTJ9GKjJE9qQ7Z3VnM7"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTEwMjU3ODM7MjswMjFmpISxTqe7Qiawzz0H4IOUZQ/XVWc2gb29SE4tcO3s3g==
.heerlaw.com/ Name: FPID
Value: FPID2.2.iEz%2BqU4IXFM0cNDPzxoVhOwP1JyzlIr3Kprr9i1l%2BQo%3D.1711025784
.heerlaw.com/ Name: FPAU
Value: 1.2.1848943528.1711025784
.heerlaw.com/ Name: FPGSID
Value: 1.1711025784.1711025784.G-C3CYZYC7FE.rrjWzIQAGxYqit8uGeIMQQ
.heerlaw.com/ Name: FPLC
Value: sZ2Ly8Vr0aiWVmnku81F6cM8GaEJ%2BSZ8gopnlAbQY4XO5gjynq63%2Fj7e7bJixWliqtyjZ6Kz6GTGgXjhXz%2F8y1idJ7QxRXR0HcH1aRGp4cXybpiyzfYp7lWK1acwFA%3D%3D
webchat.birdeye.com/ Name: AWSALBCORS
Value: mlRWhKmcgRnWfgM/vD3stSgsYu9sar8oqrUcNMvZLivVQfN1BqmrNUq/TLuD57SD0SH7U5J3p/XIgEuM0zT772qd3wTjTTJw03d25fCWmVU6Ef4npEAIsDNUEg88

54 Console Messages

Source Level URL
Text
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1333441313692033?v=2.9.150&r=stable&domain=www.heerlaw.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heerlaw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://birdeye.com/embed/v6/212351/1/1274932826/3dc097cddd5d176d4e668673493d9335df09520aaf3243f1(Line 41)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://birdeye.com/embed/v6/212351/1/1274932826/3dc097cddd5d176d4e668673493d9335df09520aaf3243f1(Line 50)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://birdeye.com/embed/v6/212351/1/1274932826/3dc097cddd5d176d4e668673493d9335df09520aaf3243f1(Line 51)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.platform.illow.io
bat.bing.com
birdeye.com
cdn.icomoon.io
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
ddjkm7nmu27lx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
heerlaw.com
platform.illow.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sgtm.heerlaw.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
webchat.birdeye.com
widgets-v7.birdeye.com
www.facebook.com
www.google.com
www.google.de
www.heerlaw.com
www.linkedin.com
104.244.42.133
104.244.42.3
13.107.42.14
13.32.118.38
146.75.120.157
18.245.62.93
18.66.147.31
2001:4860:4802:32::36
2400:52e0:1e00::1078:1
2600:9000:2491:a200:16:fecd:21c0:21
2606:4700:3108::ac42:2872
2606:4700:3108::ac42:2b8e
2606:4700::6810:4f49
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:149b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.69.116.253
35.193.123.107
52.8.98.78
54.219.55.129
0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f
080e668f4d6abe04b61ba984af0430b89b03d0043738a97703de0f57c5e3fb55
0eb52841327b868ace2eb7d0a7ecd8f8af01a53d586eba23136fc37b98fdf809
138cf4ce8e23a88ffea4beee68f09116c7c5dce88bb2aa3240f93ab86e8490a3
14c29b3d8c7a5955dfec617a7081421c3fd639760291d932114c94a0b9e7ddce
1706b40397f2758d8d13ea57199acee5e6859bab47cfa90645a6445897171411
19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48
194ee1066c8df873c3f96fe8abf60d7aef9e72964a2cc8444cbe4eabc3f5f41a
1b295d0cbe36a794ad1e070307ec9cba8c4d515e7edb42272350b6ca77611903
1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04
2161c802892cde2abd9c11d877607abf4105cac0fa0650b49dde06d316ce06b6
22f72eb1c974018c04e51720c5e9d572190b5def9ebf9f4a2784ebd33a62cc35
23b28f02daaa2610141b45998ac15eaaf5c8be7df1410d00ad50f6585fd76284
2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43
2bac1491e8feef087f0eae24ae022e836b78dd7f5de192adbdfcfc51a447be9b
2c25db0d4db3861efa04a8e571b321b8f2ec1f26768c025f8708c1d3066a584c
2df91b473117de661f362bbd48c678426fc3314e096d65521b6fd6083abaf308
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
38df2d555b7590fb1e88d83ae04c98db56bb2419f41fdbed30ad39edef7b28cf
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3a320891a471c884f1d33e34a7e5b24c4bb3e0234bebcb2d1b0465d286b2e57d
3e0efb3aa1f37bb0cd7e8aff64a821d8c8fd8c2886545ece8adf3bf059613914
41112e5a8e198b00608f3b9a40b9c3a10b443a2d97bee71ab2542c8f7a3c722b
43bf66b8221eb32ef80fcfe46173876a73feaf8e5270583fae76d593de624b2c
485fe94fbdcf659250975a6c3e6364a817f3dfe41bdf34e0b45e253af892dd5d
4c75548f4dd89a8e6e7e668c6a51abe6deab1c58cd28bd9a986f36d5b52f3a06
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e88e1b96be299fe55694e316cde7a85da17582309bf2757724988484564eca0
57245ec63c751c091a6ffbd5a5714757952b1969ebf358b7f8321a01adb84f95
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
63c7d49a99f3690baeff8db69c4164f23abcd007d508b588d8b311e78e4d7578
67b5de4d4ec8bf8f0a4b1072f96248fa5105aa650ab96826b9e1dabd580d9398
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70d6e250e3c1f98cdc80110c9403b8a4dc802c4eaa421177eaafd2c354f30ca6
779865aa88c55099ab49e1559fb392b209469f9d96f32bbe8df5e72b5d6807ec
7838df8b87dc908efb38a9c6461c8c42113d3bccf33192f18d9415e4084522bd
7e5107ae65e5904c1a187d3a3cf864c8bd63aa4867314902fc789b71cd3d4170
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
829870f4df97fb9b39defdd22d8178dc3c8e5a5910687d4427114369c67c8d82
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310
8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770
8a91bf53b415247694755ef78d21c629ddb4ead2008de169459b166870784e05
8d469db4a35ccf4be9acc1d38747cbd3df8bbccbc4a4503010dce84312be3ccb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8cb4156e61d26dfdc3d270e9a846a91568f239044ee1ff0a9da22f4f505ac32
bb388b6d0cca7502cd083e2b4c5a013d6a4437ae2477e738ef675248bf77df5a
bc5e222eac610cf8dab86e7c0e34e1e035cc67ec5fe097bfc52ab29462dd52c8
bd1c7065493814e93a13eee0c961cb7e68d7b8b4cacb4a9326aab2b2c986f4f4
c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d
c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0e8e41304ba0911dd46cb187cbc21ec890338123aed8c1b3e47402a9bd3e3eb
d21061f14e2946d63eea8af382077bcc6a2541971a7a507f6b98527724b2a645
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
dc7c6b3ad9ff7a1db26ddea3fe1de334e37cfad133393c65c57c445408428ef3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e887271c203db4703ab490c2082ea7162ed4b526508073d151b718d331e52573
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f259146b8a1803e08f79ccb8f4babf6043187a044479afbb1a61572f230a1872
f59d04741a5779593b6625328a353a7df3d2c6254b4428a339dc6472e05780b0
f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb3084b6aafbd57352e66ecf56e47b8ed9fc8eb669e5a8679d7e75e9b153dba3
fbcef8d5be2b327c4e1a1f7628377038a2c76b243df7852878253d5a5d3fffd3