urlscan.io logo urlscan.io
SecurityTrails logo

heiweb.co Open in urlscan Pro
35.71.142.77  Public Scan

Go To Rescan Add Verdict Report
URL: https://heiweb.co/
Submission: On April 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 30 HTTP transactions. The main IP is 35.71.142.77, located in United States and belongs to AMAZON-02, US. The main domain is heiweb.co.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time heiweb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.71.142.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
heiweb.co
22    2600:9000:21a2:d600:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    13.225.195.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-63.yul62.r.cloudfront.net
events.framer.com
2    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:26a0:3800:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.framerstatic.com
4    2600:9000:269f:6000:10:9b9d:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
framer.com
Apex Domain
Subdomains		 Transfer
22 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 67710
627 KB
7 framer.com
events.framer.com — Cisco Umbrella Rank: 83132
framer.com — Cisco Umbrella Rank: 71813
18 KB
2 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 129408
40 KB
2 gstatic.com
fonts.gstatic.com
66 KB
1 heiweb.co
heiweb.co
25 KB
30 5
Domain Requested by
22 framerusercontent.com heiweb.co
framerusercontent.com
4 framer.com 4 redirects
3 events.framer.com heiweb.co
events.framer.com
2 app.framerstatic.com heiweb.co
2 fonts.gstatic.com heiweb.co
1 heiweb.co
30 6

This site contains links to these domains. Also see Links.

Domain
www.becomingskilled.com
www.2foqus.nl
www.cineshotz.com
www.linkedin.com
www.instagram.com
Subject Issuer Validity Valid
heiweb.co
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
framerstatic.com
Amazon RSA 2048 M02		 2023-10-23 -
2024-11-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://heiweb.co/
Frame ID: B0866F1B4EE118D0EF07BC666C47CC04
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hei Web - Your Creative Digital Partner

Detected technologies

Overall confidence: 100%
Detected patterns
  • right\.js

Page Statistics

30
Requests

87 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

775 kB
Transfer

1744 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://framer.com/m/phosphor-icons/ArrowDown.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/NXwdBUtZ003sEGrOAyKh/FUv39zCWd3QwJ2fFkU8c/ArrowDown.js
Request Chain 26
  • https://framer.com/m/phosphor-icons/CaretDown.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/eKe8eUinUxgx4ANiuZFY/OJE1fI7mUQmZrxmADHEE/CaretDown.js
Request Chain 27
  • https://framer.com/m/phosphor-icons/CaretRight.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/4DdaUvaccgEgxMd5tHRL/VhPOCX2CdkL3402L9YQS/CaretRight.js
Request Chain 28
  • https://framer.com/m/phosphor-icons/ArrowUpRight.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/KXToc4n8n0VjRJoxIyl7/yaOJD3ARz8xZAr0o5IGy/ArrowUpRight.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heiweb.co/ 		302 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.142.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Caddy/9782a62 /
Resource Hash
aebf5b70fb47e108968379f5916c446228472a2794b3170ba22866f7d2edeab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
25247
content-type
text/html
date
Thu, 11 Apr 2024 02:08:02 GMT
etag
"066f18518dffbe6753f1290c04626d7c"
last-modified
Sun, 17 Mar 2024 15:27:18 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Caddy/9782a62
server-timing
region;desc="us-east-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="9782a62"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
chunk-6WDEMC7O.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		237 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-6WDEMC7O.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
267491e1e453029432940ad75fc1ce0c1153384d4459593beedf23a8177ea75d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 00:38:21 GMT
x-amz-version-id
saycHJBjPIr.ta4qIZ.J.q8oJ.aJq_O_
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
1819783
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="fvBPE1_z6Mj8vfhmoHlNUeVJT8cfY_1DRwvHUO1rVob_dvOiAdG-Ng==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=20
alt-svc
h3=":443"; ma=86400
content-length
237
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
"a5d6f034ba73d9612d589d67f3ae0597"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fvBPE1_z6Mj8vfhmoHlNUeVJT8cfY_1DRwvHUO1rVob_dvOiAdG-Ng==
chunk-AZ7G4CHE.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		561 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-AZ7G4CHE.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c55f013d646c5b6350d39da5f91f9c261bcfaefbaf0f746f9b0bc984a5fbc798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:40 GMT
x-amz-version-id
_TErhGcZozucLyNpbIeFQ0fXqiFaNv9N
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
13284
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="p4yG6co7t_Psy3_n181SXw0zBI-LwX3-GnMBfEEY5GkDs_uBA91sfQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=18
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"9b5e00fdf07255a0311a6717d6fe859b"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
p4yG6co7t_Psy3_n181SXw0zBI-LwX3-GnMBfEEY5GkDs_uBA91sfQ==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-ELYU6EKT.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 10:42:13 GMT
x-amz-version-id
GDMXhk9qr0P59aJr1qOWCMVvidB0Bgng
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
314751
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="5xyb0-tCl5P4XJen4J06QzLXMgk3tTDAkMZo14clLK81d86EytgKfQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=31
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
5xyb0-tCl5P4XJen4J06QzLXMgk3tTDAkMZo14clLK81d86EytgKfQ==
WiyNbQw_QgdwNHfhX06w-5tgqOorKwUkKxitgdw9ZPw.ZIYIULIV.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/WiyNbQw_QgdwNHfhX06w-5tgqOorKwUkKxitgdw9ZPw.ZIYIULIV.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f838c5d392746ddc720b31131edf03a234a29a99638acbc795dfd11be40a67fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:40 GMT
x-amz-version-id
.gMwzy2gtei1jVQNoNpe1Q6PlbtaINV6
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
13284
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="APe382ILz1KJqSbVU509ukU7idO2SGqpNsCvXcXLmUL5sQujb3eelA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"b911cfb0e3779402d6e7a28cc107272f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
APe382ILz1KJqSbVU509ukU7idO2SGqpNsCvXcXLmUL5sQujb3eelA==
chunk-HPYSUEXT.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-HPYSUEXT.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1137187ae7bebb853720c2c6781bc7ede9554d5f64caf937194e4c2a5ce9ab18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 00:38:21 GMT
x-amz-version-id
tSqmazgbxkCsR5lHp_HBXhbbFEUyGwnE
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
1819783
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="4UqiqNQEebJRzcmKniliVL_nYkbJMYwfgl3U7EZMIpcZNLHMOJENjw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=18
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"07f87f96c0ed589ed6a5018226f5eb08"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
4UqiqNQEebJRzcmKniliVL_nYkbJMYwfgl3U7EZMIpcZNLHMOJENjw==
chunk-QXCA6PX6.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-QXCA6PX6.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6ef075fd539096f53cd5f32a4e3b6d45610e85d0537c1827b426e18694282281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 00:38:21 GMT
x-amz-version-id
HmWyFTGmoEi_WR9ETpw9fDpMsa0fElsg
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
1819783
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="V1nyu5OoU4V9HMzk8nGYNKFvFGpolXU5kHa6OnPX8e4UHhjV8l-Fvg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=19
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"535b6f8772985fc628ab4db979f88e02"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
V1nyu5OoU4V9HMzk8nGYNKFvFGpolXU5kHa6OnPX8e4UHhjV8l-Fvg==
chunk-332QZSVO.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-332QZSVO.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c0dc37c77604e3eb2e9e61570b8a8e6605381c0a7ff2b90b59e6571e7163f147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 00:38:21 GMT
x-amz-version-id
9bAr3ooY5Qxun_BKaAyY2kygZiAxZGlH
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
1819783
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="Y7oqXW3STYQs2hIKj4SadhMNjnVoZRtbEQrdeM0mHDie-hyVF_hgBg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=20
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"955790e08b457d43ead19c58c5a1a5e1"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
Y7oqXW3STYQs2hIKj4SadhMNjnVoZRtbEQrdeM0mHDie-hyVF_hgBg==
chunk-AYZRM4IZ.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		736 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-AYZRM4IZ.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ec28e5f5fef3bef77f969487918dd7321158aa3a04336cc391b0e7bbda3c4b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:40 GMT
x-amz-version-id
aa2MAfj9RbSMyq_1t57sIEFQZMIGJUUS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
13284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="Z1DRHxNuQ-BgYZTmLmUGf6g1KinKfiNYOc8zF4YNR71uREDBhnPMgQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=18
alt-svc
h3=":443"; ma=86400
content-length
736
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
"6dff7982b049683cd5207850cbdf016f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Z1DRHxNuQ-BgYZTmLmUGf6g1KinKfiNYOc8zF4YNR71uREDBhnPMgQ==
chunk-XI7G53YV.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-XI7G53YV.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9d8c17be0bb2c9c07880060cce2f641c1356c2245b237de6111634ed81ced7f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 00:38:21 GMT
x-amz-version-id
PqutWTIwmXwwUF19_Ggga5Hzu9_X9tTT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
1819783
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="LiO6WS0_u-fEDan2AXvWTT6YvyIZLG5Ke18imxvsRxdSh8Yvp9wytA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=45
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"7075adcc13c2210bfedbe8b105d67419"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
LiO6WS0_u-fEDan2AXvWTT6YvyIZLG5Ke18imxvsRxdSh8Yvp9wytA==
chunk-3IB65IVU.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-3IB65IVU.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6a41f9412fab5928dc61c82f4ae91a2bca077b3809c1bbba623c21ea50ef2cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:40 GMT
x-amz-version-id
UOZbgnMCHuiSxhoqaSOkNZqI_tkjfIOn
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
13284
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="CvM99nAWls3WMLu4gLbSphStTVMutZNrbNy4sVHnTrnmfaftPYp9lg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"904bbff9f9ce4f70b5d83a54b1abe2c5"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
CvM99nAWls3WMLu4gLbSphStTVMutZNrbNy4sVHnTrnmfaftPYp9lg==
script
events.framer.com/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-63.yul62.r.cloudfront.net
Software
/
Resource Hash
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 02:08:03 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15882
x-amz-cf-pop
YUL62-C1
x-amzn-trace-id
Root=1-66174603-0a7e929d05d620791e4ff913
x-amzn-requestid
945750f1-e9bd-4616-9bfd-ef69a02eab52
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Thu, 11 Apr 2024 02:07:05 GMT
x-amz-apigw-id
WCfgnHUyoAMEtRA=
content-length
15882
x-amz-cf-id
8GrVPXVpEn6LUcK15Ojj8YVveoqM1Qe3FXvQChS_fl1hhFO9JuEVcw==
ts98wstp9Ptrxvv5SzjNG5Axivo.svg
framerusercontent.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/ts98wstp9Ptrxvv5SzjNG5Axivo.svg
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
24c259fc4bc1fc3afbc92fe292da68f065d287c64ec2f6658e25f872de7a5e1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 14 Mar 2024 13:37:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
2377860
x-amzn-requestid
4f102a7f-2632-400c-b3e0-6f57e3d89593
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="n_W8lFilRN4mioKYe1Mzz5SI8sFZ9Vv9wA3teBeZY2Zx9ezloLBYmQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=16
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-65f2fd7f-7ae87ed439aff1ec6243cd78;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
n_W8lFilRN4mioKYe1Mzz5SI8sFZ9Vv9wA3teBeZY2Zx9ezloLBYmQ==
FSw713AYcXxaftwtHuZMSTDaiE.png
framerusercontent.com/images/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/FSw713AYcXxaftwtHuZMSTDaiE.png
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79674802088ed7402f7994dc8096beeb07565f3041f30184bb03653ef4755d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Mar 2024 14:31:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
2115410
x-amzn-requestid
c981a4f5-363e-4b74-943e-9685da942be8
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="l6ZAepbQK31yc9y2x-dPtF1FFVAe7ssOZ4bZ9NVCvdOQgqFt-VPw4Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=20
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-65f6feb1-0fbef3ae2118e0282e3b2eeb;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
l6ZAepbQK31yc9y2x-dPtF1FFVAe7ssOZ4bZ9NVCvdOQgqFt-VPw4Q==
c3gcLFAzfwXiJo7frHpOGbR7TLc.png
framerusercontent.com/images/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/c3gcLFAzfwXiJo7frHpOGbR7TLc.png?scale-down-to=1024
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
49404fcacb34cda7286847ffd29c895cf299ebeea486bab1addebf12e6626026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Mar 2024 15:15:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
2112757
x-amzn-requestid
40a42c1c-be2c-4606-ae48-c84ce0ae40c4
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="t4Gf-d5Yhovg2TnEkCLIAtCjjlhfPLh1TIM5DwJI1gQyUNF1LXzcKQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=18
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-65f7090e-4ab598ef0bd55dc26fd90d7d;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
t4Gf-d5Yhovg2TnEkCLIAtCjjlhfPLh1TIM5DwJI1gQyUNF1LXzcKQ==
prcUCw9wULll5rmIPL9Sd7HJGI.png
framerusercontent.com/images/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/prcUCw9wULll5rmIPL9Sd7HJGI.png?scale-down-to=2048
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1b6c586a895fbf99102c4fdfcdc1efb996af745a280950737fc947b1f09fb560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 18 Mar 2024 11:30:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
2039838
x-amzn-requestid
8a4b7a18-346a-41dd-a3bf-b240d77d84b3
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="fXioznnsv7sU7cQNi8twaXKx1K1PFiBl6zwUQzFEOJVNgp0EBXhoGg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-65f825e4-649b205f4656bd17344787a2;parent=55bcc75bc1078ee5;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
fXioznnsv7sU7cQNi8twaXKx1K1PFiBl6zwUQzFEOJVNgp0EBXhoGg==
truncated
/ 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4748cc26d3a5e8ea4071edb45af0f1c3a98c32dcf1a40f7ac097b2f694731f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v7/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:05:27 GMT
x-content-type-options
nosniff
age
64956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:57:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 08:05:27 GMT
NGSnv5HMAFg6IuGlBNMjxJEL2VmU3NS7Z2mjpgiaWy5S.woff2
fonts.gstatic.com/s/intertight/v7/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSnv5HMAFg6IuGlBNMjxJEL2VmU3NS7Z2mjpgiaWy5S.woff2
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0648f3bf0cffa481c46d71552425b2ec3895fc440c84e3c9c5a6269a36eb5b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:56:04 GMT
x-content-type-options
nosniff
age
274319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22340
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Apr 2025 21:56:04 GMT
Inter-Bold.latin-UCM45LQF.woff2
app.framerstatic.com/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Bold.latin-UCM45LQF.woff2
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:3800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 21 Oct 2023 13:40:07 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7d7c52d1848969f2077d9502aa06f40e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
14905677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20000
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 21 Oct 2023 12:57:47 GMT
server
CloudFront
etag
"463f0c722a07aa2be781488e9fc88aca"
x-frame-options
deny
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Q7zcdEwiMNTRzaBfPtbZyjDtAuHW35NzBOPoZREn43pdTYkRVxOl6Q==
Inter-Light.latin-EKF76FXR.woff2
app.framerstatic.com/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Light.latin-EKF76FXR.woff2
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:3800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1e8189a38b92a15259b45a79b04919fe8168e3bbc802f5ea603e1386e9dcfbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 Nov 2023 03:29:52 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7d7c52d1848969f2077d9502aa06f40e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
12436692
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19716
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 18 Nov 2023 20:16:00 GMT
server
CloudFront
etag
"aa51fe2047c2fa2f0afc9d2389b0f079"
x-frame-options
deny
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
P0ZO9vtnJ3pCkGIpxL7y21M_OhpmpgNys7mB1jMJLpJun9TuaD2tGQ==
default_script0.2SNWPZ35.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/default_script0.2SNWPZ35.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fb873df00b6cfdc365dac632f79902785419f61f6154e33a332ed592b33bdd1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:40 GMT
x-amz-version-id
CkMnU8mHOJHNMH0Oj2ALEt9ECjMgeILi
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
13284
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="BmWAEMAQ7kb2eLU-334XXD2wqB24c0Dp9f6r_azyQc36WIVaVliKJg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=19
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"afb2b64501415bb7c75cebd77b77c886"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
BmWAEMAQ7kb2eLU-334XXD2wqB24c0Dp9f6r_azyQc36WIVaVliKJg==
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-63.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Apr 2024 02:08:03 GMT
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amzn-trace-id
Root=1-66174603-21a194c14254866f0b158e6c;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
24d22dcd-7d43-4e95-a52a-681b904eff6e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
WCfgpFLRIAMEIcA=
content-length
0
x-amz-cf-id
w6NgsfC65xnfZ2Xa4zaEhTZ-g2ELV1BZCTHEmJ_tEHJs2ZkIk4wQew==
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-63.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heiweb.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 11 Apr 2024 02:08:03 GMT
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
x-amz-apigw-id
WCfgoFBvoAMEIrw=
x-amz-cf-id
BqUQ5fjS4P2sguYBg2rGLOV9RXvfAB8Q_FphJEKF2mjmRX2ENEqL7w==
x-amz-cf-pop
YUL62-C1
x-amzn-requestid
7c7bc2d2-3e2b-432e-a90f-3952a5a950cb
x-cache
Miss from cloudfront
6HjSWdoWlD3AMWkzCLW4F5JI2w.png
framerusercontent.com/images/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/6HjSWdoWlD3AMWkzCLW4F5JI2w.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
894847ae5f2e35a868253a4f7118deeaed246a71e14f4da9437bb524f3211d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heiweb.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 15:40:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 4208b3c43704306e2eddbba95ee93dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
1247237
x-amzn-requestid
15eae2f4-fea6-413f-9f46-3d8c6af3ff12
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="REC",cdn-rid;desc="m6OP5ZKQvIafoxLFga1pFXGpO0eNH9AgcxUZibqomSEMqEgksNBs_Q==",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-66043dfe-77f5bf971177196d4c4c52eb;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
m6OP5ZKQvIafoxLFga1pFXGpO0eNH9AgcxUZibqomSEMqEgksNBs_Q==
-81uiUYQqw-bT_nYdPydo4X_Pih6GK56Ysen92q0tFA.UZ4OJUSD.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		120 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/-81uiUYQqw-bT_nYdPydo4X_Pih6GK56Ysen92q0tFA.UZ4OJUSD.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/default_script0.2SNWPZ35.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f15ad29cf928dae7ca7e3f6f52eb29d84554133f97549530496a4c0f46e1d36f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/default_script0.2SNWPZ35.mjs
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 22:26:41 GMT
x-amz-version-id
Be2F.npZloAYAXqrJheXiUHImM_39Tdv
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
13282
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-rid;desc="URQ1lxP2Sb4BDsTQ-V0KjKqdKMwU09sszUz5psQGyZXIFymBZI1ayg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"b88f0f9608f94ebab9504f2d3e255db3"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
URQ1lxP2Sb4BDsTQ-V0KjKqdKMwU09sszUz5psQGyZXIFymBZI1ayg==
ArrowDown.js
framerusercontent.com/modules/NXwdBUtZ003sEGrOAyKh/FUv39zCWd3QwJ2fFkU8c/
Redirect Chain
  • https://framer.com/m/phosphor-icons/ArrowDown.js@0.0.53
  • https://framerusercontent.com/modules/NXwdBUtZ003sEGrOAyKh/FUv39zCWd3QwJ2fFkU8c/ArrowDown.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/NXwdBUtZ003sEGrOAyKh/FUv39zCWd3QwJ2fFkU8c/ArrowDown.js
Protocol
H3
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb5cf00f41b78ed6ea2ed8c15fa46ec18f20cfad83820b0839c80710d20447c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Apr 2024 06:56:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
587495
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="CnOFdrAwwRUpvvvCzG5b6R0t3XZTS62MZAEAx1-pobJtLF566vyQ7w==",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
CnOFdrAwwRUpvvvCzG5b6R0t3XZTS62MZAEAx1-pobJtLF566vyQ7w==

Redirect headers

date
Thu, 11 Apr 2024 02:05:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 4abd8708c8464a6586e6829348c23522.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
163
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
115
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/NXwdBUtZ003sEGrOAyKh/FUv39zCWd3QwJ2fFkU8c/ArrowDown.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
BDVtM2nLVhY2Y6PFKiZ3zweQdGNahBMAT7kdT-EVkUnzTKwKsxwyLw==
CaretDown.js
framerusercontent.com/modules/eKe8eUinUxgx4ANiuZFY/OJE1fI7mUQmZrxmADHEE/
Redirect Chain
  • https://framer.com/m/phosphor-icons/CaretDown.js@0.0.53
  • https://framerusercontent.com/modules/eKe8eUinUxgx4ANiuZFY/OJE1fI7mUQmZrxmADHEE/CaretDown.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/eKe8eUinUxgx4ANiuZFY/OJE1fI7mUQmZrxmADHEE/CaretDown.js
Protocol
H3
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c727f0f35e25596a48c19f788abff99dc3b08ff66c2ecc6da9693912ee21796f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 01:42:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
174344
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="c4uOK56h5GNKBJCcFMqthM8j3giQ_VV4wOm-fbtYBbu8_ZouDLb97Q==",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
c4uOK56h5GNKBJCcFMqthM8j3giQ_VV4wOm-fbtYBbu8_ZouDLb97Q==

Redirect headers

date
Thu, 11 Apr 2024 01:41:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 4abd8708c8464a6586e6829348c23522.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
1573
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
115
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/eKe8eUinUxgx4ANiuZFY/OJE1fI7mUQmZrxmADHEE/CaretDown.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
nU-j_n7VnxJW3hOyfuEwvCCtaCVSbcpS1g0H16EOcxWKGh9LyYWCRA==
CaretRight.js
framerusercontent.com/modules/4DdaUvaccgEgxMd5tHRL/VhPOCX2CdkL3402L9YQS/
Redirect Chain
  • https://framer.com/m/phosphor-icons/CaretRight.js@0.0.53
  • https://framerusercontent.com/modules/4DdaUvaccgEgxMd5tHRL/VhPOCX2CdkL3402L9YQS/CaretRight.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/4DdaUvaccgEgxMd5tHRL/VhPOCX2CdkL3402L9YQS/CaretRight.js
Protocol
H3
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6940d9078be57d783dd98243c65b9be0afb8fe741f20fa5d7dff4d38c3b4f9cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Apr 2024 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
335085
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="tt0t4DbcF6_8aqhoWuFu12OWYaSPfrfyQSwv1hDh_PBcJT2RCISIIQ==",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
tt0t4DbcF6_8aqhoWuFu12OWYaSPfrfyQSwv1hDh_PBcJT2RCISIIQ==

Redirect headers

date
Thu, 11 Apr 2024 01:31:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 4abd8708c8464a6586e6829348c23522.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
2206
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
116
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/4DdaUvaccgEgxMd5tHRL/VhPOCX2CdkL3402L9YQS/CaretRight.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
zyektsnZT-J4_lWVfytuYx9kFr6wBcnrq4woMrMiSKBDuFX4SQtNug==
ArrowUpRight.js
framerusercontent.com/modules/KXToc4n8n0VjRJoxIyl7/yaOJD3ARz8xZAr0o5IGy/
Redirect Chain
  • https://framer.com/m/phosphor-icons/ArrowUpRight.js@0.0.53
  • https://framerusercontent.com/modules/KXToc4n8n0VjRJoxIyl7/yaOJD3ARz8xZAr0o5IGy/ArrowUpRight.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/KXToc4n8n0VjRJoxIyl7/yaOJD3ARz8xZAr0o5IGy/ArrowUpRight.js
Protocol
H3
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0833ee878a41efe529c2b34845d940248b4625d2995c7d068cffe323de3d7723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Apr 2024 03:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
254021
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="SSVrHAGCcwOnFU1AzIoJQGpd33eLSj7JAttqjDkL19b5O-2YemaKVA==",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
SSVrHAGCcwOnFU1AzIoJQGpd33eLSj7JAttqjDkL19b5O-2YemaKVA==

Redirect headers

date
Thu, 11 Apr 2024 01:10:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 4abd8708c8464a6586e6829348c23522.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
3461
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
118
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/KXToc4n8n0VjRJoxIyl7/yaOJD3ARz8xZAr0o5IGy/ArrowUpRight.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
I_4K88SxBfQk7eXEt5p0VgTJxz2JdoMRuOc1L46ZQIkBRLNBcb6aaQ==
chunk-KLMC6XFQ.mjs
framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/chunk-KLMC6XFQ.mjs
Requested by
Host: heiweb.co
URL: https://heiweb.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:d600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
891c5e1f428d3d220296d8b12f60edf4589823b56c528f4844611512f798b444
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://framerusercontent.com/sites/3YgURAXUO46eoOEWT0G4TG/-81uiUYQqw-bT_nYdPydo4X_Pih6GK56Ysen92q0tFA.UZ4OJUSD.mjs
Origin
https://heiweb.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 10:35:50 GMT
x-amz-version-id
W_P6pdEE9rmZWA0hG47ZY.rF.5vRbrYu
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
1438334
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-C1",cdn-hit-layer;desc="REC",cdn-rid;desc="zl3t2pKA_Vmohvhwk-4NsAsWRD1_8810NREUM4VRZ1bu9FOqqXSo2w==",cdn-downstream-fbl;dur=16
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Mar 2024 15:27:17 GMT
server
CloudFront
etag
W/"ec7f434debcbd9075a9a2149ca9310b4"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
zl3t2pKA_Vmohvhwk-4NsAsWRD1_8810NREUM4VRZ1bu9FOqqXSo2w==

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| animator function| HandoffAppearAnimations function| __send_framer_event object| __framer_events function| __framer_importFromPackage object| process boolean| HandoffComplete

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
fonts.gstatic.com
framer.com
framerusercontent.com
heiweb.co
13.225.195.63
2600:9000:21a2:d600:d:ada1:a280:93a1
2600:9000:269f:6000:10:9b9d:b9c0:93a1
2600:9000:26a0:3800:d:6b42:4ec0:93a1
2607:f8b0:4004:c07::5e
35.71.142.77
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
0648f3bf0cffa481c46d71552425b2ec3895fc440c84e3c9c5a6269a36eb5b0c
0833ee878a41efe529c2b34845d940248b4625d2995c7d068cffe323de3d7723
1137187ae7bebb853720c2c6781bc7ede9554d5f64caf937194e4c2a5ce9ab18
1b6c586a895fbf99102c4fdfcdc1efb996af745a280950737fc947b1f09fb560
1e8189a38b92a15259b45a79b04919fe8168e3bbc802f5ea603e1386e9dcfbac
24c259fc4bc1fc3afbc92fe292da68f065d287c64ec2f6658e25f872de7a5e1d
267491e1e453029432940ad75fc1ce0c1153384d4459593beedf23a8177ea75d
4748cc26d3a5e8ea4071edb45af0f1c3a98c32dcf1a40f7ac097b2f694731f5c
49404fcacb34cda7286847ffd29c895cf299ebeea486bab1addebf12e6626026
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
6940d9078be57d783dd98243c65b9be0afb8fe741f20fa5d7dff4d38c3b4f9cc
6a41f9412fab5928dc61c82f4ae91a2bca077b3809c1bbba623c21ea50ef2cd7
6ef075fd539096f53cd5f32a4e3b6d45610e85d0537c1827b426e18694282281
79674802088ed7402f7994dc8096beeb07565f3041f30184bb03653ef4755d48
891c5e1f428d3d220296d8b12f60edf4589823b56c528f4844611512f798b444
894847ae5f2e35a868253a4f7118deeaed246a71e14f4da9437bb524f3211d9e
9d8c17be0bb2c9c07880060cce2f641c1356c2245b237de6111634ed81ced7f7
aebf5b70fb47e108968379f5916c446228472a2794b3170ba22866f7d2edeab8
c0dc37c77604e3eb2e9e61570b8a8e6605381c0a7ff2b90b59e6571e7163f147
c55f013d646c5b6350d39da5f91f9c261bcfaefbaf0f746f9b0bc984a5fbc798
c727f0f35e25596a48c19f788abff99dc3b08ff66c2ecc6da9693912ee21796f
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5
ec28e5f5fef3bef77f969487918dd7321158aa3a04336cc391b0e7bbda3c4b25
f15ad29cf928dae7ca7e3f6f52eb29d84554133f97549530496a4c0f46e1d36f
f838c5d392746ddc720b31131edf03a234a29a99638acbc795dfd11be40a67fb
fb5cf00f41b78ed6ea2ed8c15fa46ec18f20cfad83820b0839c80710d20447c1
fb873df00b6cfdc365dac632f79902785419f61f6154e33a332ed592b33bdd1f