urlscan.io logo urlscan.io
SecurityTrails logo

www.heitman.com Open in urlscan Pro
23.236.62.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heitman.com/
Effective URL: https://www.heitman.com/
Submission: On June 15 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 23.236.62.72, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.heitman.com. The Cisco Umbrella rank of the primary domain is 617203.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 19th 2021. Valid for: a year.
This is the only time www.heitman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 25 23.236.62.72 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.92.120.28 14618 (AMAZON-AES)
1 52.54.96.194 14618 (AMAZON-AES)
34 8
25    23.236.62.72 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.62.236.23.bc.googleusercontent.com
heitman.com
www.heitman.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
pi.pardot.com
1    52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
www2.heitman.com
Apex Domain
Subdomains		 Transfer
26 heitman.com
heitman.com — Cisco Umbrella Rank: 585383
www.heitman.com — Cisco Umbrella Rank: 617203
www2.heitman.com
2 MB
3 google.com
maps.google.com — Cisco Umbrella Rank: 1788
176 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4806
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
439 B
1 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 356
450 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246
24 KB
34 7
Domain Requested by
23 www.heitman.com www.heitman.com
3 maps.google.com www.heitman.com
maps.google.com
2 pi.pardot.com www.heitman.com
pi.pardot.com
2 www.google-analytics.com www.heitman.com
www.google-analytics.com
2 heitman.com 2 redirects
1 www2.heitman.com pi.pardot.com
1 stats.g.doubleclick.net www.google-analytics.com
1 maps.googleapis.com maps.google.com
1 cdnjs.cloudflare.com www.heitman.com
34 9

This site contains links to these domains. Also see Links.

Domain
extranet.heitman.com
Subject Issuer Validity Valid
www.heitman.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-10-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-08 -
2022-11-07		 a year crt.sh
www2.heitman.com
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.heitman.com/
Frame ID: F00D09A4F1486126D36F2D0F9F58F430
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heitman | A Real Estate Investment Management Firm

Page URL History Show full URLs

  1. http://heitman.com/ HTTP 301
    https://heitman.com/ HTTP 301
    https://www.heitman.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

34
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

2618 kB
Transfer

3779 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heitman.com/ HTTP 301
    https://heitman.com/ HTTP 301
    https://www.heitman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heitman.com/
Redirect Chain
  • http://heitman.com/
  • https://heitman.com/
  • https://www.heitman.com/
43 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
b896c55548d661128597c19bb4993683ae7fef3816fe3f649f58fd95369b32de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Wed, 15 Jun 2022 11:43:49 GMT
link
<https://www.heitman.com/>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 11
x-cache-group
normal
x-cacheable
SHORT
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Wed, 15 Jun 2022 11:43:48 GMT
location
https://www.heitman.com/
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
non200
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-redirect-by
WordPress
js
maps.google.com/maps/api/ 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?v=3.8&sensor=false
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
707efcbedff9d1c81d6e2ae30975d64794f53a66a9877ceba5bd877594162b1c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54673
x-xss-protection
0
expires
Wed, 15 Jun 2022 12:13:49 GMT
styles.css
www.heitman.com/wp-content/themes/heitman_childtheme/css/ 		153 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
31a665942a5da74c7e180d27ce4f7a06f9590328abc5752f543f547e4e4eeaf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2019 14:15:08 GMT
server
nginx
etag
W/"5d3867ec-264a2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
style.min.css
www.heitman.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:30:25 GMT
server
nginx
etag
W/"62443f51-145db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
styles.css
www.heitman.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Tue, 08 Feb 2022 20:54:22 GMT
server
nginx
etag
W/"6202d87e-aab"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
style.css
www.heitman.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 		2 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css?ver=1
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c83de5fc90fc5cb12d3f086f9540a4a4beecdd13abcda42ce0f5e9bad4b27f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 20:25:17 GMT
server
nginx
etag
W/"5fda6d2d-759"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
script.js
www.heitman.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 		702 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js?ver=1
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
66d18f6dc9983a817863220206f19b9b68ff7413f6f885bd2892c024fcc18252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 20:25:17 GMT
server
nginx
etag
W/"5fda6d2d-2be"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
slider-img-1.jpg
www.heitman.com/wp-content/uploads/2015/12/ 		316 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/uploads/2015/12/slider-img-1.jpg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
aaca97140e16497d44d66f0f17a0d93cb899e73114b793a37ab6a9ce1ad2ba0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Thu, 20 Oct 2016 18:34:16 GMT
server
nginx
etag
"58090e28-4ef08"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
323336
slider-img-2.jpg
www.heitman.com/wp-content/uploads/2015/12/ 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/uploads/2015/12/slider-img-2.jpg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
ade0d05d8b0d81eb3d03d8c3be4b843ca63ac2ce4592abac4cda17b0a8bedd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Thu, 20 Oct 2016 18:34:16 GMT
server
nginx
etag
"58090e28-36f4d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
225101
Homepage-15.jpg
www.heitman.com/wp-content/uploads/2015/12/ 		412 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/uploads/2015/12/Homepage-15.jpg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
04731d2532a607d60c6646a5a86c3f843e5427d29c8871c2d008478c31cc858b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Thu, 20 Oct 2016 18:34:13 GMT
server
nginx
etag
"58090e25-66fe2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
421858
slider-img-4.4.jpg
www.heitman.com/wp-content/uploads/2015/12/ 		563 KB
564 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/uploads/2015/12/slider-img-4.4.jpg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
e51593da25f4e77c80082e80834e58b2116db0834e650ae79413785c58610cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Thu, 20 Oct 2016 18:34:16 GMT
server
nginx
etag
"58090e28-8cbe1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
576481
slider-img-5.jpg
www.heitman.com/wp-content/uploads/2015/12/ 		395 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/uploads/2015/12/slider-img-5.jpg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f76055b633f3918b38d00cd328d12d3f321a57ba2f057b0829a63c93e4e7673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Thu, 20 Oct 2016 18:34:16 GMT
server
nginx
etag
"58090e28-62b4d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
404301
swiper.js
cdnjs.cloudflare.com/ajax/libs/Swiper/3.2.7/js/ 		175 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.2.7/js/swiper.js
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47668a9a03dd34c9ff2cab900975ddb3d14b1cd915f55a8822aad2ed00cff54d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23770201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23934
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-2bde4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJGQlwtE7f24xCBwAqo0YQ%2FKKYQBoqdq3ywuLYHxnnOFn2XzOTdhNiCwZSeIaIsAGk5KqRvnjQSAc%2BWKRc6OVZeRDiWcMluXprJ0%2BNODTG8e5Xwitk%2BqB6pYIpB8SftCsSfUyvzIY32RUMG2hm8u8lBW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71bb0cdfdae96683-MAD
expires
Mon, 05 Jun 2023 11:43:49 GMT
jquery.min.js
www.heitman.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
jquery-migrate.min.js
www.heitman.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
asyncdc.min.js
www.heitman.com/wp-content/plugins/pardot/js/ 		457 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.9.3
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 18:56:36 GMT
server
nginx
etag
W/"6075e964-1c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
site.min.js
www.heitman.com/wp-content/themes/heitman_childtheme/js/ 		418 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/js/site.min.js?1.03
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd30523cb1b4d7eb67f3d6b95c63dd84da38cd1bb0fac64c904fddb01434f3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Fri, 26 Apr 2019 06:07:22 GMT
server
nginx
etag
W/"5cc2a01a-68626"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.8&sensor=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.heitman.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
wp-emoji-release.min.js
www.heitman.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3282
date
Wed, 15 Jun 2022 10:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Jun 2022 12:49:07 GMT
heitman-50th-logo.png
www.heitman.com/wp-content/themes/heitman_childtheme/css/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/images/heitman-50th-logo.png
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
f36b18a97d54a021c941f9638e7cdc94baed8c127ef3547f6cff8173dbcb0b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Fri, 26 Apr 2019 06:07:21 GMT
server
nginx
etag
"5cc2a019-f6e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
3950
logo-s.svg
www.heitman.com/wp-content/themes/heitman_childtheme/css/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/images/logo-s.svg
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
398d17abe971d8690acdbead57c650c0916c53b4a3d6f7fa94c5ce1a1cc9c71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
content-encoding
br
last-modified
Fri, 26 Apr 2019 06:07:21 GMT
server
nginx
etag
W/"5cc2a019-892"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
Graphik-Regular-Web.woff
www.heitman.com/wp-content/themes/heitman_childtheme/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/fonts/Graphik-Regular-Web.woff
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
158aa53c7dd0164fbe5d1da7a8d91cb33da6609ad5e43af8833bd3fd6b1f50a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Origin
https://www.heitman.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Fri, 26 Apr 2019 06:07:21 GMT
server
nginx
etag
"5cc2a019-a4fe"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
42238
LyonDisplay-Regular-Web.woff
www.heitman.com/wp-content/themes/heitman_childtheme/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/fonts/LyonDisplay-Regular-Web.woff
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
0aaa654a421187c674e8ce74abfae1e26fe58916821d45a49c79f8182398b1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Origin
https://www.heitman.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Fri, 26 Apr 2019 06:07:22 GMT
server
nginx
etag
"5cc2a01a-1132b"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
70443
Graphik-Extralight-Web.woff
www.heitman.com/wp-content/themes/heitman_childtheme/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/fonts/Graphik-Extralight-Web.woff
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
26056730b7345c400fbf5e5bebc51a211695ed6e150b0c2750d73786b12f2424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Origin
https://www.heitman.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:49 GMT
last-modified
Fri, 26 Apr 2019 06:07:21 GMT
server
nginx
etag
"5cc2a019-bb55"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
47957
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1367411235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heitman.com%2F&ul=en-us&de=UTF-8&dt=Heitman%20%7C%20A%20Real%20Estate%20Investment%20Management%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1142573214&gjid=1901919177&cid=411768541.1655293430&tid=UA-1086403-1&_gid=1490134233.1655293430&_r=1&_slc=1&z=1564486423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heitman.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jun 2022 11:43:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heitman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1086403-1&cid=411768541.1655293430&jid=1142573214&gjid=1901919177&_gid=1490134233.1655293430&_u=IEBAAEAAAAAAAC~&z=1229006327
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heitman.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 15 Jun 2022 11:43:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.heitman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Graphik-Semibold-Web.woff
www.heitman.com/wp-content/themes/heitman_childtheme/fonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/fonts/Graphik-Semibold-Web.woff
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f924416e0a6566d49c0569b540f05465513bbefee59a6906ad7f51d9a0c6f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Origin
https://www.heitman.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:50 GMT
last-modified
Fri, 26 Apr 2019 06:07:21 GMT
server
nginx
etag
"5cc2a019-b17c"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
45436
LyonText-Regular-Web.woff
www.heitman.com/wp-content/themes/heitman_childtheme/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.heitman.com/wp-content/themes/heitman_childtheme/fonts/LyonText-Regular-Web.woff
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.236.62.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.62.236.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
8414cb269abe9649277989af04f9eae9149abf125f05fbc5aebf6d2d5315178e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heitman.com/wp-content/themes/heitman_childtheme/css/styles.css?ver=5.9.3
Origin
https://www.heitman.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:50 GMT
last-modified
Fri, 26 Apr 2019 06:07:22 GMT
server
nginx
etag
"5cc2a01a-f6eb"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
63211
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.heitman.com
URL: https://www.heitman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 11:43:51 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Tue, 14 Jun 2022 05:21:28 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Fri, 14 Jun 2024 11:43:51 GMT
analytics
pi.pardot.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1072&account_id=231192&title=Heitman%20%7C%20A%20Real%20Estate%20Investment%20Management%20Firm&url=https%3A%2F%2Fwww.heitman.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
c911a288826f58ba9c772791117739aa9f5ed824a207d8105f08d9ce26355246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 15 Jun 2022 11:43:51 GMT
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
Connection
keep-alive
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Content-Length
1442
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
www2.heitman.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.heitman.com/analytics?conly=true&visitor_id=302994542&visitor_id_sign=8b8ccc2e219d5e1557a9694ec1b0943dd80b312994da0c0cb34fbe2e495447d3480daa21a581e56717ef9a82ee9959cedb4e91c1&pi_opt_in=&campaign_id=1072&account_id=231192&title=Heitman%20%7C%20A%20Real%20Estate%20Investment%20Management%20Firm&url=https%3A%2F%2Fwww.heitman.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1072&account_id=231192&title=Heitman%20%7C%20A%20Real%20Estate%20Investment%20Management%20Firm&url=https%3A%2F%2Fwww.heitman.com%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 15 Jun 2022 11:43:52 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
maps.google.com/maps-api-v3/api/js/49/4/intl/es_ALL/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/49/4/intl/es_ALL/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.8&sensor=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0acf8866b3f8458e28124212f5788f7272b84f4a5e2da2966b52e49d3f62d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30565
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 18:38:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 18:32:12 GMT
util.js
maps.google.com/maps-api-v3/api/js/49/4/intl/es_ALL/ 		309 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/49/4/intl/es_ALL/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.8&sensor=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ca3b5ac34627160820d3e202de49dd69336e75eeec85fc3ad65e78a5c7c008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.heitman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94011
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 18:38:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 11:43:54 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| _wpemojiSettings object| WPMLLanguageSwitcherDropdown string| GoogleAnalyticsObject function| ga function| Swiper object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| $ function| jQuery string| piAId string| piCId object| jQuery11240574773322650306 object| twemoji object| wp function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

10 Cookies

Domain/Path Name / Value
.heitman.com/ Name: _ga
Value: GA1.2.411768541.1655293430
.heitman.com/ Name: _gid
Value: GA1.2.1490134233.1655293430
.heitman.com/ Name: _gat
Value: 1
.pardot.com/ Name: visitor_id230192
Value: 302994542
.pardot.com/ Name: visitor_id230192-hash
Value: 8b8ccc2e219d5e1557a9694ec1b0943dd80b312994da0c0cb34fbe2e495447d3480daa21a581e56717ef9a82ee9959cedb4e91c1
pi.pardot.com/ Name: lpv230192
Value: aHR0cHM6Ly93d3cuaGVpdG1hbi5jb20v
www.heitman.com/ Name: visitor_id230192
Value: 302994542
www.heitman.com/ Name: visitor_id230192-hash
Value: 8b8ccc2e219d5e1557a9694ec1b0943dd80b312994da0c0cb34fbe2e495447d3480daa21a581e56717ef9a82ee9959cedb4e91c1
www2.heitman.com/ Name: visitor_id230192
Value: 302994542
www2.heitman.com/ Name: visitor_id230192-hash
Value: 8b8ccc2e219d5e1557a9694ec1b0943dd80b312994da0c0cb34fbe2e495447d3480daa21a581e56717ef9a82ee9959cedb4e91c1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
heitman.com
maps.google.com
maps.googleapis.com
pi.pardot.com
stats.g.doubleclick.net
www.google-analytics.com
www.heitman.com
www2.heitman.com
23.236.62.72
2606:4700::6811:190e
2a00:1450:4001:80e::200e
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9b
3.92.120.28
52.54.96.194
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04731d2532a607d60c6646a5a86c3f843e5427d29c8871c2d008478c31cc858b
0aaa654a421187c674e8ce74abfae1e26fe58916821d45a49c79f8182398b1cc
0d0acf8866b3f8458e28124212f5788f7272b84f4a5e2da2966b52e49d3f62d9
158aa53c7dd0164fbe5d1da7a8d91cb33da6609ad5e43af8833bd3fd6b1f50a7
1f924416e0a6566d49c0569b540f05465513bbefee59a6906ad7f51d9a0c6f6f
26056730b7345c400fbf5e5bebc51a211695ed6e150b0c2750d73786b12f2424
31a665942a5da74c7e180d27ce4f7a06f9590328abc5752f543f547e4e4eeaf6
32ca3b5ac34627160820d3e202de49dd69336e75eeec85fc3ad65e78a5c7c008
398d17abe971d8690acdbead57c650c0916c53b4a3d6f7fa94c5ce1a1cc9c71e
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
47668a9a03dd34c9ff2cab900975ddb3d14b1cd915f55a8822aad2ed00cff54d
66d18f6dc9983a817863220206f19b9b68ff7413f6f885bd2892c024fcc18252
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c83de5fc90fc5cb12d3f086f9540a4a4beecdd13abcda42ce0f5e9bad4b27f5
6f76055b633f3918b38d00cd328d12d3f321a57ba2f057b0829a63c93e4e7673
707efcbedff9d1c81d6e2ae30975d64794f53a66a9877ceba5bd877594162b1c
8414cb269abe9649277989af04f9eae9149abf125f05fbc5aebf6d2d5315178e
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aaca97140e16497d44d66f0f17a0d93cb899e73114b793a37ab6a9ce1ad2ba0b
ade0d05d8b0d81eb3d03d8c3be4b843ca63ac2ce4592abac4cda17b0a8bedd61
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b896c55548d661128597c19bb4993683ae7fef3816fe3f649f58fd95369b32de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c911a288826f58ba9c772791117739aa9f5ed824a207d8105f08d9ce26355246
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd30523cb1b4d7eb67f3d6b95c63dd84da38cd1bb0fac64c904fddb01434f3d9
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e51593da25f4e77c80082e80834e58b2116db0834e650ae79413785c58610cce
f36b18a97d54a021c941f9638e7cdc94baed8c127ef3547f6cff8173dbcb0b16