www.heelsteam.com Open in urlscan Pro
34.238.62.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heelsteam.com/
Effective URL:
https://www.heelsteam.com/
Submission Tags: discord.fish
Submission: On May 27 via api (May 27th 2022, 8:02:44 pm UTC) from NL — Scanned from NL

Summary HTTP 62 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 62 HTTP transactions. The main IP is 34.238.62.66, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.heelsteam.com.
TLS certificate: Issued by R3 on May 27th 2022. Valid for: 3 months.

This is the only time www.heelsteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	34.238.62.66 34.238.62.66	14618 (AMAZON-AES) (AMAZON-AES)
2	52.222.214.90 52.222.214.90	16509 (AMAZON-02) (AMAZON-02)
12	13.32.121.57 13.32.121.57	16509 (AMAZON-02) (AMAZON-02)
13	18.66.248.34 18.66.248.34	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	108.157.4.29 108.157.4.29	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.66.248.96 18.66.248.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
62	15

11 34.238.62.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-62-66.compute-1.amazonaws.com

heelsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heelsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-90.fra56.r.cloudfront.net

style.realgeeks.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.121.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-57.fra60.r.cloudfront.net

cdn.realgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.248.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-34.dus51.r.cloudfront.net

t2.realgeeks.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-29.dus51.r.cloudfront.net

u.realgeeks.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-96.dus51.r.cloudfront.net

widgets.realgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	realgeeks.media style.realgeeks.media — Cisco Umbrella Rank: 166120 t2.realgeeks.media — Cisco Umbrella Rank: 333088 u.realgeeks.media — Cisco Umbrella Rank: 163851	5 MB
13	realgeeks.com cdn.realgeeks.com — Cisco Umbrella Rank: 169536 widgets.realgeeks.com — Cisco Umbrella Rank: 275734	670 KB
11	heelsteam.com 1 redirects heelsteam.com www.heelsteam.com	91 KB
6	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 304	220 KB
6	gstatic.com fonts.gstatic.com maps.gstatic.com	71 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	114 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	2 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5583	12 KB
62	11

	Domain	Requested by
13	t2.realgeeks.media	www.heelsteam.com
12	cdn.realgeeks.com	www.heelsteam.com
10	www.heelsteam.com	www.heelsteam.com cdn.realgeeks.com
6	maps.googleapis.com	www.heelsteam.com maps.googleapis.com
4	fonts.gstatic.com	www.heelsteam.com
3	stats.g.doubleclick.net	www.heelsteam.com
2	maps.gstatic.com	www.heelsteam.com
2	www.facebook.com	www.heelsteam.com
2	u.realgeeks.media	www.heelsteam.com
2	connect.facebook.net	www.heelsteam.com connect.facebook.net
2	style.realgeeks.media	www.heelsteam.com
1	widgets.realgeeks.com	code.jquery.com
1	code.jquery.com	www.heelsteam.com
1	cdnjs.cloudflare.com	www.heelsteam.com
1	websdk.appsflyer.com	www.heelsteam.com
1	heelsteam.com	1 redirects
62	16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
pinterest.com
www.realgeeks.com

Subject Issuer	Validity	Valid
heelsteam.com R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
style.realgeeks.media Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
cdn.realgeeks.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
t.realgeeks.media Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.appsflyer.com DigiCert SHA2 Secure Server CA	`2021-10-09` - `2022-10-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
u.realgeeks.media Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.realgeeks.com Amazon	`2022-01-03` - `2023-02-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.heelsteam.com/
Frame ID: 020355F8D162397A30471B8C56F447B5
Requests: 44 HTTP requests in this frame

Frame: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Frame ID: 364F5C4A87AE46BE46C570C360183EED
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Minnesota & Wisconsin Real Estate

Page URL History Show full URLs

http://heelsteam.com/ HTTP 301
https://www.heelsteam.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

6468 kB
Transfer

9924 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?url=https%3A//www.heelsteam.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A//www.heelsteam.com/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A//www.heelsteam.com/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A//www.heelsteam.com/

Search URL Search Domain Scan URL

URL: http://www.realgeeks.com/static/uploads/nsmls_eula.pdf
Title: EULA

Search URL Search Domain Scan URL

URL: https://www.realgeeks.com/?utm_campaign=client%20site%20ref&utm_source=client%20site%20referral&utm_content=www.heelsteam.com&utm_medium=referral
Title: IDX Site Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heelsteam.com/ HTTP 301
https://www.heelsteam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.heelsteam.com/
Redirect Chain

http://heelsteam.com/
https://www.heelsteam.com/

102 KB
19 KB

715ms
412ms

Document
text/html

34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: b37e56f146ebb0b5e79652cd86c4dbac4260f438ce8bcd1191700efad3426c45

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 27 May 2022 20:02:36 GMT
Server: openresty/1.19.9.1
Transfer-Encoding: chunked
X-Powered-By: Otter-Pops
X-Search-Id: 3
X-UA-Device: wat?

Redirect headers

Connection: keep-alive
Content-Length: 175
Content-Type: text/html
Date: Fri, 27 May 2022 20:02:36 GMT
Location: https://www.heelsteam.com/
Server: openresty/1.19.9.1

GET
H2 200 anna.min.css
style.realgeeks.media/post/ 36 KB
9 KB 124ms
39ms Stylesheet
text/css 52.222.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://style.realgeeks.media/post/anna.min.css?zvars=eJyrVipIzEktKUnVzUssy0xPLMnMz3NKTM5OL8ovzUvRTc7PyS9SslJQUjYyNnI1MVLSUcCvIb8g%0AMTmzpBKkxVDPALtyn8y8bCST3cAAWWlSUSKK3QYGjs7ORkq1AEBQOTs%3D
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-90.fra56.r.cloudfront.net
Software: / Express
Resource Hash: d4c2033abe61b13790c9b4d3445ffe23ba6fcf0e4e60f4e5719d1e5308ab4b8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:30:06 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
etag: W/"8ff9-99DgQ01/fdjszIq1OrSfuRMMTZo"
age: 70816
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-cf-id: JDLoVYKAW_Vg_UPdqJhEMvSdfRls5l-OjQnsN3FfWT3SVK9FOHF1Ag==

GET
H2 200 9e8619a8ca95.js Show response
cdn.realgeeks.com/static/CACHE/js/ 2 MB
548 KB 146ms
44ms Script
application/javascript 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.realgeeks.com/static/CACHE/js/9e8619a8ca95.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 6f1c8e4d0840c80a19c19423c5188dda5ba06a8e841c41d86c4422ecda243c72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 13 May 2022 00:35:03 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 21:49:52 GMT
server: openresty/1.19.9.1
age: 1279654
x-powered-by: Otter-Pops
etag: W/"627d8100-27061b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: yymZ34NLKLWUWxf-wMpXoCFR1BHDMdN_mDD6ER3AWNlK5Optg-Ipgw==
expires: Sun, 12 Jun 2022 00:35:03 GMT

GET
H2 200 Facebook_Cover_2.png
t2.realgeeks.media/thumbnail/2ZPNPn2FA-qqtUOfcBYbzEngycA=/fit-in/400x86/filters:format(png)/u.realgeeks.media/heelsteam/ 20 KB
20 KB 1605ms
1518ms Image
image/png 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/2ZPNPn2FA-qqtUOfcBYbzEngycA=/fit-in/400x86/filters:format(png)/u.realgeeks.media/heelsteam/Facebook_Cover_2.png
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 4e8f5db07563aca4c98efa1a564991e17a05fde46ff0197da48fb74bd7115aa0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 95d5b78a-82b2-46aa-826f-b2af65d421eb
x-amz-cf-pop: DUS51-P1
etag: "b63050685e38f1e4b8a315a7e5cfee706db8deb4"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-7f90943367824e0b5374d929;Sampled=0
content-length: 20282
x-amz-apigw-id: SzQunFZcIAMFyZA=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: Slh3S3aPBJQYrvNERWirTT0Lad9c-GOn_5Z8zVQZDbL_jtO8jYxKUQ==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H/1.1 200
OK search.svg
www.heelsteam.com/static/designs/img/anna/icons/ 407 B
753 B 105ms
103ms Image
image/svg+xml 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heelsteam.com/static/designs/img/anna/icons/search.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: daf97f54389aac72a0c0e73e72eb530990974ec47d674c48a3be7d6306e0bb19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
ETag: "62910980-197"
Last-Modified: Fri, 27 May 2022 17:25:20 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 407
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H/1.1 200
OK heart.svg
www.heelsteam.com/static/designs/img/anna/icons/ 813 B
1 KB 217ms
113ms Image
image/svg+xml 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heelsteam.com/static/designs/img/anna/icons/heart.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: e29dafd8f07cc55fdfefc5cbc380bb807ee414efe17b4361f943b28bbe68a3a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
ETag: "62910980-32d"
Last-Modified: Fri, 27 May 2022 17:25:20 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H/1.1 200
OK chevron-left.svg
www.heelsteam.com/static/designs/img/anna/icons/ 539 B
885 B 320ms
103ms Image
image/svg+xml 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heelsteam.com/static/designs/img/anna/icons/chevron-left.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 462ad72bd5b4d6ea19b65a0914507d253e7af550233f88e37c8542963b6984ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
ETag: "62910980-21b"
Last-Modified: Fri, 27 May 2022 17:25:20 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 539
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H2 200 phone-alt-regular-white.svg
cdn.realgeeks.com/static/designs/img/anna/icons/ 780 B
1 KB 130ms
127ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/anna/icons/phone-alt-regular-white.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: ed9a40532f0540af74cfdd8437c225156d418e5098aabdfd75da8b0d85630171

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 00:37:33 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "62858bdd-30c"
last-modified: Thu, 19 May 2022 00:14:21 GMT
server: openresty/1.19.9.1
age: 761104
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 780
x-amz-cf-id: LrGwwE2hQu64s8iCTiVhJI9VAhGcfhZUHk0kRQIICASZkPgvKpcDUw==
expires: Sat, 18 Jun 2022 00:37:33 GMT

GET
H2 200 twitter.svg
cdn.realgeeks.com/static/designs/img/anna/icons/ 854 B
1 KB 131ms
128ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/anna/icons/twitter.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 0bf75c25e6407a65dfab8fbc5dfaff98c87946dbf6d2870232d9479bdaa1db1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:45:24 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "62901bd3-356"
last-modified: Fri, 27 May 2022 00:31:15 GMT
server: openresty/1.19.9.1
age: 69433
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 854
x-amz-cf-id: PaCcuHDD0HgUMQUK1rI8xhknFCsKDDBo4ucvwLD_78aBLbkMcSpjzA==
expires: Sun, 26 Jun 2022 00:45:24 GMT

GET
H2 200 facebook-f.svg
cdn.realgeeks.com/static/designs/img/anna/icons/ 430 B
826 B 131ms
129ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/anna/icons/facebook-f.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 1a137a05b5b9defacdc23009f95359bc85fef6c1a254389a10604fa74b6f99d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:52:18 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "62883663-1ae"
last-modified: Sat, 21 May 2022 00:46:27 GMT
server: openresty/1.19.9.1
age: 573019
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 430
x-amz-cf-id: SYClt_2OC-N52qqvsMBDRFlatSZLGe3bNt6lze0REZ6Ik5oeCwenXQ==
expires: Mon, 20 Jun 2022 04:52:18 GMT

GET
H2 200 linkedin-in.svg
cdn.realgeeks.com/static/designs/img/anna/icons/ 630 B
1 KB 132ms
130ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/anna/icons/linkedin-in.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 2763db9a7991ec89f4cf229415a9a74ce8ff234539c30e697d3ebb77cdf3f117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:45:25 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "62901bd3-276"
last-modified: Fri, 27 May 2022 00:31:15 GMT
server: openresty/1.19.9.1
age: 69432
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 630
x-amz-cf-id: jH0t6pyvbY7wiATo4xO7IFHYiQZnIMNmkGKOXP5yZarlrEorwkP53g==
expires: Sun, 26 Jun 2022 00:45:25 GMT

GET
H2 200 pinterest-p.svg
cdn.realgeeks.com/static/designs/img/anna/icons/ 786 B
1 KB 130ms
129ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/anna/icons/pinterest-p.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: cf3656b718d9643a198e206fb3bb6b60348611cf17a186ba3deba4d1b2a57cc7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:45:25 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "62901bc7-312"
last-modified: Fri, 27 May 2022 00:31:03 GMT
server: openresty/1.19.9.1
age: 69432
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 786
x-amz-cf-id: 1hEtbVzjIeHY2Uwn67t86jmCpSSG_iI2ozwYSGR2GfKsGz494anRPw==
expires: Sun, 26 Jun 2022 00:45:25 GMT

GET
H/1.1 200
OK mred_large.gif
www.heelsteam.com/static/default/ 545 B
887 B 340ms
103ms Image
image/gif 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heelsteam.com/static/default/mred_large.gif
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 3fd3016de8aa5330a85896966f9fc4f61180e575df7d82fc02c14ff92d50b69a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
ETag: "62910855-221"
Last-Modified: Fri, 27 May 2022 17:20:21 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 545
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 114ms
36ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: ljIbk5ec+6CYM1TAbaHYiPm5OuyzybBFNlJVQ3YUHl7ZHeL59SaOW8QMPl8oJGFc0E/54B09R/xTb9PUY7cdqw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 27 May 2022 20:02:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 valuation_anna.js Show response
cdn.realgeeks.com/static/widgets/js/ 11 KB
4 KB 130ms
129ms Script
application/javascript 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.realgeeks.com/static/widgets/js/valuation_anna.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 9fbe5b24f45e63c23632e0c2b08d158bc577b892f4467a656fb669d629f3afb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:30:12 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 00:38:44 GMT
server: openresty/1.19.9.1
age: 210745
x-powered-by: Otter-Pops
etag: W/"628d7a94-2d76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TL_n36DiiIPNDzmzvHjRc2UB9oK4RXaj082Kr1cuIJaYHVIINDXaZg==
expires: Fri, 24 Jun 2022 09:30:12 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 135ms
36ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 27 May 2022 20:02:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 08:41:42 GMT
Server: AmazonS3
x-amz-request-id: QBCZFTPJZQS2RA4D
ETag: "08179f9adc55b98cc307cd6770e123ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11541
x-amz-id-2: k439erDrxRlBvl+9nyRArbeTMb0ltPoYKyytjhOOcSqARr8XKoelk/SPJveoUhLmqSV6DlUUVY4=
Expires: Fri, 27 May 2022 20:57:37 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 108ms
33ms Script
text/javascript 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1315
date: Fri, 27 May 2022 19:40:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 27 May 2022 21:40:42 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 120ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heelsteam.com/
Origin: https://www.heelsteam.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:05:39 GMT
x-content-type-options: nosniff
age: 223018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 25 May 2023 06:05:39 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 155ms
68ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heelsteam.com/
Origin: https://www.heelsteam.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 06:28:05 GMT
x-content-type-options: nosniff
age: 48872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 27 May 2023 06:28:05 GMT

GET
H2 200 YellowHouse.jpg
u.realgeeks.media/heelsteam/_rgg/landscape_images/ 5 MB
5 MB 640ms
545ms Image
image/jpeg 108.157.4.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.realgeeks.media/heelsteam/_rgg/landscape_images/YellowHouse.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20f1ffe834ec81803d1deec701512bc68f737b99a1c681276534a13cb7231177

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
last-modified: Tue, 07 Jun 2016 23:14:17 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "587c1f7c6f2a386bbda7bd115a825b04"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 4934388
x-amz-cf-id: jjM1OOco01vpSuKu1NW_ciUFX_dW4X-QwZVK__KAF8Yuj3A_XrHY9A==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 103ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heelsteam.com/
Origin: https://www.heelsteam.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 00:17:59 GMT
x-content-type-options: nosniff
age: 243878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 25 May 2023 00:17:59 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkZVO.woff
fonts.gstatic.com/s/rubik/v12/ 23 KB
23 KB 139ms
77ms Font
font/woff 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v12/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkZVO.woff

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9e5342537cb99cb4a18ff92a2e4239b8f1a47484c05667e638e0ff24c2a782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heelsteam.com/
Origin: https://www.heelsteam.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 00:35:40 GMT
x-content-type-options: nosniff
age: 242817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23780
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:10:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 25 May 2023 00:35:40 GMT

GET
H2 200 Market-Report-2.png
u.realgeeks.media/rgtemplate/ 31 KB
31 KB 112ms
44ms Image
image/png 108.157.4.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.realgeeks.media/rgtemplate/Market-Report-2.png
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05772991c1b50e5514395b758aba35c1512615c697810e9f83f256642588cf36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 04:31:07 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2017 18:57:05 GMT
server: AmazonS3
age: 55891
etag: "854a6eec34b69c9f09c5419a265fd755"
x-cache: Hit from cloudfront
x-amz-version-id: AAaTUE69AfztVx63ZlT34gUbXlScZJ_3
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: image/png
content-length: 31344
x-amz-cf-id: US_-fKOyZnU0YVOgb5IqiTP-H0UgVXf2cgypjyqA3iqMZfujMjIqwg==

GET
H2 200 294411691878802 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 213ms
213ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/294411691878802?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37be90e50511614bba319976e46c298f7cbd782220776e8404109ff6766ac615

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: RsJpBD6d716UTrFPst8S43f70UPHAkhwJPQBk+K/wTXz6Go5C7dJZLR9SYpNgwRKei/sRUSK09leIFnAs4T3xw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 27 May 2022 20:02:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653681757357
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 102ms
34ms Image
image/gif 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=570880172&utmhn=www.heelsteam.com&utme=8(2!Template*Site%20Domain*Lead%20Capture%20on%20Property*Content%20Page%20Property%20Lead%20Capture*Board)9(2!anna*www.heelsteam.com*1*true*%5B5062%5D)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Minnesota%20%26%20Wisconsin%20Real%20Estate&utmhid=107095803&utmr=-&utmp=%2F&utmht=1653681757216&utmac=UA-50697213-2&utmcc=__utma%3D147786030.165243721.1653681757.1653681757.1653681757.1%3B%2B__utmz%3D147786030.1653681757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1920094186&utmredir=3&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 May 2022 20:02:37 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 102ms
34ms Image
image/gif 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=2114539265&utmhn=www.heelsteam.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Minnesota%20%26%20Wisconsin%20Real%20Estate&utmhid=107095803&utmr=-&utmp=%2F&utmht=1653681757218&utmac=UA-217738278-1&utmcc=__utma%3D147786030.165243721.1653681757.1653681757.1653681757.1%3B%2B__utmz%3D147786030.1653681757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1561259034&utmredir=3&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 May 2022 20:02:37 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 401
Unauthorized / Show response
www.heelsteam.com/live-chat/auth/ 32 B
240 B 123ms
122ms Fetch
application/json 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heelsteam.com/live-chat/auth/
Requested by: Host: cdn.realgeeks.com
URL: https://cdn.realgeeks.com/static/CACHE/js/9e8619a8ca95.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: bfd72d517cc18fbbee0f12febf5ccc307b176400affceb26d354e24c749f1743

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
X-UA-Device: wat?
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 b8dfab926ebfe940a883067f18499d59.jpg
t2.realgeeks.media/thumbnail/wrA8jEL_Qpfkra6jQNpTl_mr-nI=/422x336/property-images.realgeeks.com/mnminne/ 31 KB
32 KB 1076ms
1076ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/wrA8jEL_Qpfkra6jQNpTl_mr-nI=/422x336/property-images.realgeeks.com/mnminne/b8dfab926ebfe940a883067f18499d59.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 869ac29d49d6bb5f9231fd54ff0434031b78da4faeec5031982be1ea1c9485f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 3f42ff5f-6d41-4197-ba6e-f0c3e947d1a0
x-amz-cf-pop: DUS51-P1
etag: "8662fe9a75e92d3395f0313174b298e6095e67cb"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-6b6bb4e94ed4806e2680c24e;Sampled=0
content-length: 31865
x-amz-apigw-id: SzQuqEBCoAMF1Kw=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: Ot0qGdv8pHVcjwJWqf4soyfmbuVaFEg2v165PCCXYCRucIQoa2F6tg==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 b8dfab926ebfe940a883067f18499d59.jpg
t2.realgeeks.media/thumbnail/XcOP7XLL-aXQVd5o6A1voqDW9c8=/422x208/property-images.realgeeks.com/mnminne/ 22 KB
23 KB 1030ms
1029ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/XcOP7XLL-aXQVd5o6A1voqDW9c8=/422x208/property-images.realgeeks.com/mnminne/b8dfab926ebfe940a883067f18499d59.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 5e9576d3317133545cbe780fa8436e9cac33d82db66587c6d8a6ea6b56bc3299

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 6f862c03-2a09-461c-850c-2c497cecd167
x-amz-cf-pop: DUS51-P1
etag: "3553c7e6d4499cc61b49988b0c0de135991cd5c7"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-5239b178722443234089a5d6;Sampled=0
content-length: 22550
x-amz-apigw-id: SzQuqHMlIAMFdNw=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: YpDTXhMpUIY61XtinqAoWepdLiy9RGhgVF84TkZqcciIadVNbsb_kA==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 f9a272cc2f351a9031f891d4244e2f9a.jpg
t2.realgeeks.media/thumbnail/8A493P-99D-2ZhFOS5mX0Z-GLKw=/422x336/property-images.realgeeks.com/mnminne/ 32 KB
33 KB 1034ms
1033ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/8A493P-99D-2ZhFOS5mX0Z-GLKw=/422x336/property-images.realgeeks.com/mnminne/f9a272cc2f351a9031f891d4244e2f9a.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 8cceb5bf96fb644e59f29ae85f9b6425ffeacf6c50e05910fa5c882d6458d015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 3d0fc3fc-ada5-41ec-8c2c-d526be757ca0
x-amz-cf-pop: DUS51-P1
etag: "b6604a7f6aea8818802f8285a024780b2379efd8"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-62991cf93be703983c5b2fcd;Sampled=0
content-length: 33014
x-amz-apigw-id: SzQuqFj4IAMFp_w=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: CsLpIGQLLxksNiVcwR-77BcgKqcTdKk7o9w-cNibTi0YUaOQoCnYlA==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 f9a272cc2f351a9031f891d4244e2f9a.jpg
t2.realgeeks.media/thumbnail/scM_VjjcIaMtsKWlR4r2LD1MV2E=/422x208/property-images.realgeeks.com/mnminne/ 22 KB
23 KB 1105ms
1104ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/scM_VjjcIaMtsKWlR4r2LD1MV2E=/422x208/property-images.realgeeks.com/mnminne/f9a272cc2f351a9031f891d4244e2f9a.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: c32d1fd30672086870c33f5d6385a3a9cadf424f87d277a4871247f6bbcb4613

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 98e1ebf3-12b5-4010-bdf9-1047e8601fc0
x-amz-cf-pop: DUS51-P1
etag: "307195ec0dc9bfc91e78a8d705b3dcb107a1d9df"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-7fa50fe06d6a4d200f5b5330;Sampled=0
content-length: 22654
x-amz-apigw-id: SzQuqF38IAMFdlg=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: qBzABiY68igMCJkxoEIF77OaftiDgWiLk_2AMWo9aJsbkAR2f2TAnQ==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 70f47d2312ea4518d566bd73dbb64e8d.jpg
t2.realgeeks.media/thumbnail/52XgVNi4dftJqCkIgfrX2ajyLMY=/422x336/property-images.realgeeks.com/mnminne/ 28 KB
28 KB 1277ms
1276ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/52XgVNi4dftJqCkIgfrX2ajyLMY=/422x336/property-images.realgeeks.com/mnminne/70f47d2312ea4518d566bd73dbb64e8d.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 12d086fe12b62945f10d2b42d13fdb6848cd9a8c0fc70800e1cfcdab7365516a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 81541c4e-3e74-47ae-a805-d62a3493e52c
x-amz-cf-pop: DUS51-P1
etag: "ef3bfa122e821d97ab63004e3b392d3e809a1f47"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-446de8f72cf9492f55c45d21;Sampled=0
content-length: 28472
x-amz-apigw-id: SzQuqG9yIAMFeHQ=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: SvmbBNuS5uz58hVMyhtMfyq1kMJVpDbHklIoYu95WQ9lcNp44ch_kw==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 3e348faa8314f5e68a2acf6f87fe80a6.jpg
t2.realgeeks.media/thumbnail/q-MiscXBaagjUdssQGzNzoDapK8=/422x336/property-images.realgeeks.com/mnminne/ 28 KB
28 KB 1006ms
1005ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/q-MiscXBaagjUdssQGzNzoDapK8=/422x336/property-images.realgeeks.com/mnminne/3e348faa8314f5e68a2acf6f87fe80a6.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 4d8314e9edf222c2566c458848b365b6980ce568f66f9450cc8703b1efb656b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: fb0f8ae7-e34e-4cc2-8275-d7e85968eb25
x-amz-cf-pop: DUS51-P1
etag: "b5c76ce677c96a52d3ad9b555fac4356d72a4f58"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-600fd3f759eb3fab7723337e;Sampled=0
content-length: 28633
x-amz-apigw-id: SzQuqFzpIAMFSvQ=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: h24ljihQ45P2n9TzUqnJA5IslhaZWE4Lcuf6EVVlbZ32ggajG0cHnw==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 a8985734ebe43a8c3b03544308b0f101.jpg
t2.realgeeks.media/thumbnail/p5uPGDkpijZQ34QS4iH5PFO2Wg8=/422x336/property-images.realgeeks.com/mnminne/ 30 KB
30 KB 695ms
694ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/p5uPGDkpijZQ34QS4iH5PFO2Wg8=/422x336/property-images.realgeeks.com/mnminne/a8985734ebe43a8c3b03544308b0f101.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 5b8da73c7fc424295cc35141757f73a6e7a19cfa064b9daba31e67c021d70894

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 9232fb26-3e44-48dc-857f-2ce068d476d5
x-amz-cf-pop: DUS51-P1
etag: "440a5a54cdd022c7e90376c5467b36ab1cd8b418"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-1eb2602f1dce56a55a0a2ec9;Sampled=0
content-length: 30219
x-amz-apigw-id: SzQuoHm5oAMF-Fg=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: ZG5U7AcKk3vMlYYAIMmFpFzYeXg_LUwFiv7_QSNPt3CrcedV0OLu6g==
expires: Sat, 27 May 2023 20:02:37 GMT

GET
H2 200 f7734e204ce5819f1ab9762546f798c3.jpg
t2.realgeeks.media/thumbnail/_hUoGHIGFWC6q3KuJeB8fwkkbhg=/422x336/property-images.realgeeks.com/mnminne/ 28 KB
28 KB 753ms
752ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/_hUoGHIGFWC6q3KuJeB8fwkkbhg=/422x336/property-images.realgeeks.com/mnminne/f7734e204ce5819f1ab9762546f798c3.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 8e19db88ca1bc164423bff1d3f346dc4b869a20530e02ddad5d1910cadfde47f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: ccabc2fd-54b4-48e7-bf71-89545d48ab67
x-amz-cf-pop: DUS51-P1
etag: "71f48021a5670ee8b44fd59156c074d01d94f68f"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-33dd49b96d477a5209e22af1;Sampled=0
content-length: 28605
x-amz-apigw-id: SzQuoFCoIAMFiJA=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: UJtm_6VLOVVEBZGUsFbn5JL6cMbJyLWnxnIPfiL8BW7Uw_YpAlEORg==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 fa6cbd379e7f558e7f9550e1e131c65b.jpg
t2.realgeeks.media/thumbnail/-XfrUd9UYUXNRu5y2TYurRq6M0I=/422x336/property-images.realgeeks.com/mnminne/ 34 KB
35 KB 858ms
857ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/-XfrUd9UYUXNRu5y2TYurRq6M0I=/422x336/property-images.realgeeks.com/mnminne/fa6cbd379e7f558e7f9550e1e131c65b.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: bafcebffd9b9294cb6087661a015dc9b7547265954b2c30cea8f5a33d4924303

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: fa1a0e73-3b86-45af-a9a5-f8b056994d78
x-amz-cf-pop: DUS51-P1
etag: "09f201af60344bbd5827051eba031b9d5eb418ce"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-0ef87e667e09f3ed543c2176;Sampled=0
content-length: 34941
x-amz-apigw-id: SzQuoGNuoAMFd_Q=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: ZUkn5G083JxrzlfbxrD1fcGyfGwNKVqwdrSWA4A8Whx988KeceaGnw==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 3e063534243b3da4da3070db3b183989.jpg
t2.realgeeks.media/thumbnail/QpcRY_QSo6cRGcM2yx_tpFg0DqM=/422x336/property-images.realgeeks.com/mnminne/ 34 KB
35 KB 994ms
993ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/QpcRY_QSo6cRGcM2yx_tpFg0DqM=/422x336/property-images.realgeeks.com/mnminne/3e063534243b3da4da3070db3b183989.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: e411d62415470b8c580d4f9db52d9b189b7738b11218e375256eb3b17edbeedb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 1468324a-3eb2-4181-9c47-c6c69aad11a4
x-amz-cf-pop: DUS51-P1
etag: "3f91396d2d641f8975ea4dd710fc207112b1fd73"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-574cc8c422c0ad193394a955;Sampled=0
content-length: 34929
x-amz-apigw-id: SzQuqG12oAMFs-A=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: J-YzHcn1KrhM4OvL-09PvkwX-Hu7dGkuKS3JE8g9Zw6Pe5gmYzujDg==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 3efd663732ce138b6884565f514ad029.jpg
t2.realgeeks.media/thumbnail/SQUUFq-yuiMyhWU7KeEHJhNs8qg=/422x336/property-images.realgeeks.com/mnminne/ 25 KB
25 KB 1101ms
1100ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/SQUUFq-yuiMyhWU7KeEHJhNs8qg=/422x336/property-images.realgeeks.com/mnminne/3efd663732ce138b6884565f514ad029.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: 6312815b1ea361cd32bec2abf096688913c2c3ce523d8ee5679cb9fbbb551878

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: cd1b1150-aeb8-49da-a199-6b62c02b0c70
x-amz-cf-pop: DUS51-P1
etag: "a1be294d182f743c6e3326a7f46c0456a2e250a4"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-6b38666933568992700be548;Sampled=0
content-length: 25421
x-amz-apigw-id: SzQuqEUOoAMFf3w=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: _plcqPnEpaPmrhUs8dET7GQajYhV9uiZ3dAwZ2ZsnGgwRrQazHvQsg==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H2 200 588fbb634b79fa9ea8e95f2b7c6031f4.jpg
t2.realgeeks.media/thumbnail/vM2uMeW0B8rzJVtm_HTyTJn8C3o=/422x336/property-images.realgeeks.com/mnminne/ 27 KB
27 KB 809ms
809ms Image
image/jpeg 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.realgeeks.media/thumbnail/vM2uMeW0B8rzJVtm_HTyTJn8C3o=/422x336/property-images.realgeeks.com/mnminne/588fbb634b79fa9ea8e95f2b7c6031f4.jpg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: /
Resource Hash: d33cf7413c6793b2267057a5ea4147f6908d476e7048a1beab0688becd05468b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amzn-requestid: 95c1672c-9bc5-41a4-9cd3-b275337e92f7
x-amz-cf-pop: DUS51-P1
etag: "fa40720f37c1dceddcc365827185e1508d62e494"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62912e5d-78bc279039092f5f1888a283;Sampled=0
content-length: 27619
x-amz-apigw-id: SzQuoHOwoAMFeaQ=
x-amzn-remapped-date: Fri, 27 May 2022 20:02:37 GMT
x-amz-cf-id: FO_ZwnxklIhDm3HvZ56Qb4f90Xxtay7zkBBRGLuWkfGyR_6hhxw4Ug==
expires: Sat, 27 May 2023 20:02:38 GMT

GET
H/1.1 200
OK nsmls_logo.gif
www.heelsteam.com/static/default/ 265 B
607 B 103ms
103ms Image
image/gif 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heelsteam.com/static/default/nsmls_logo.gif
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 76319366443619a6c877d7822246c6834c4ea9ad72ba8f23884d84c582a56dd0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
ETag: "62910855-109"
Last-Modified: Fri, 27 May 2022 17:20:21 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 265
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H2 200 real-geeks-logo.svg
cdn.realgeeks.com/static/designs/img/ 7 KB
3 KB 35ms
34ms Image
image/svg+xml 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/designs/img/real-geeks-logo.svg
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 1832551f1bbbfb7990041b79c50391d7566557b4e6654216041ed1dc4f20933f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:33:10 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 23:15:40 GMT
server: openresty/1.19.9.1
age: 919767
x-powered-by: Otter-Pops
etag: W/"6282db1c-1c2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: d-fzrZCwn7X20Izr5VCNXV9Y_9IV-SICTehT0Go-qwr9TWxQsCHXuw==
expires: Thu, 16 Jun 2022 04:33:10 GMT

GET
H/1.1 200
OK / Show response
www.heelsteam.com/api/v2/search/autocomplete-options/ 413 KB
64 KB 631ms
631ms Fetch
application/json 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heelsteam.com/api/v2/search/autocomplete-options/
Requested by: Host: cdn.realgeeks.com
URL: https://cdn.realgeeks.com/static/CACHE/js/9e8619a8ca95.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 9a98f850068c2c3402e618c0d8f20963121b11b8479702b6646b20d7fbf9a5ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Transfer-Encoding: chunked
Content-Type: application/json
X-Backend-Cache: MISS
X-UA-Device: wat?
Connection: keep-alive

GET
H/1.1 200
OK / Show response
www.heelsteam.com/cma/property-valuation/widget/ Frame 364F 5 KB
3 KB 150ms
150ms Document
text/html 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Requested by: Host: cdn.realgeeks.com
URL: https://cdn.realgeeks.com/static/widgets/js/valuation_anna.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 46e60245ef429e7edc3b2e133902e9d69704027ef14323a5d53a4b90213ca1a1

Request headers

Referer: https://www.heelsteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 27 May 2022 20:02:37 GMT
P3P: CP="NID DSP ALL COR"
Server: openresty/1.19.9.1
Transfer-Encoding: chunked
X-Powered-By: Otter-Pops
X-UA-Device: wat?

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 111ms
34ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294411691878802&ev=PageView&dl=https%3A%2F%2Fwww.heelsteam.com%2F&rl=&if=false&ts=1653681757453&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653681757451.2052751358&it=1653681757153&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 27 May 2022 20:02:37 GMT

GET
H2 200 modernizr.js Show response
cdn.realgeeks.com/static/js/lib/ Frame 364F 11 KB
5 KB 34ms
33ms Script
application/javascript 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.realgeeks.com/static/js/lib/modernizr.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 10 May 2022 02:02:35 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 01:23:13 GMT
server: openresty/1.19.9.1
age: 1533602
x-powered-by: Otter-Pops
etag: W/"6279be81-2bf4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HeyUBt9u9pjKGyfiF7waUbN8KhPJLxz9sjTaRLqg4KjaUKmDeHWPWg==
expires: Thu, 09 Jun 2022 02:02:35 GMT

GET
H2 200 anna.min.css
style.realgeeks.media/post/ Frame 364F 36 KB
9 KB 39ms
39ms Stylesheet
text/css 52.222.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://style.realgeeks.media/post/anna.min.css?zvars=eJyrVipIzEktKUnVzUssy0xPLMnMz3NKTM5OL8ovzUvRTc7PyS9SslJQUjYyNnI1MVLSUcCvIb8g%0AMTmzpBKkxVDPALtyn8y8bCST3cAAWWlSUSKK3QYGjs7ORkq1AEBQOTs%3D
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-90.fra56.r.cloudfront.net
Software: / Express
Resource Hash: d4c2033abe61b13790c9b4d3445ffe23ba6fcf0e4e60f4e5719d1e5308ab4b8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:30:06 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
etag: W/"8ff9-99DgQ01/fdjszIq1OrSfuRMMTZo"
age: 70817
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-cf-id: dzNp2nMu5yQE74l-AZkM4WE2BGtiaeLS428ukIkPU23geZKUGhqkGg==

GET
H2 200 html5shiv.min.js Show response
cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7/ Frame 364F 2 KB
2 KB 92ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7/html5shiv.min.js

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db46a77dd9e0ba43865ce160a8d22a19dfd63cd73fe3c80554a4cae1cf9f6bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 169073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1016
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRNq0PxRTmrbjn%2FbAyeKlhMbmlYtwpxW8tYURwQU%2BsRJq0MWggOSnmOa6afaChp51%2BK5SoDZcLLCIXhH6HuZqyePy79Tb%2B8biXnkmM%2BZM4hhneeB29KBwIce0CQJm0Q%2FTOEV20%2F14NccVWuRj8LpXCrj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712159695aeb972d-AMS
expires: Wed, 17 May 2023 20:02:37 GMT

GET
H2 200 loading.gif
cdn.realgeeks.com/static/img/valuation/ Frame 364F 26 KB
27 KB 35ms
35ms Image
image/gif 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.realgeeks.com/static/img/valuation/loading.gif
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 856ca926aecce330f8f99b65b30fe836e49f00d06181db369256d9ecd27b5ac8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 00:21:24 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
etag: "627af4b4-69a8"
last-modified: Tue, 10 May 2022 23:26:44 GMT
server: openresty/1.19.9.1
age: 1453272
x-powered-by: Otter-Pops
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 27048
x-amz-cf-id: BAoaxNW6zMcXxzfiGcnEEx29_bCg4pXZ0f-AJFv0_bq5vFQc4U8htQ==
expires: Fri, 10 Jun 2022 00:21:24 GMT

GET
H2 200 e5e808101225.js Show response
cdn.realgeeks.com/static/CACHE/js/ Frame 364F 223 KB
76 KB 34ms
34ms Script
application/javascript 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.realgeeks.com/static/CACHE/js/e5e808101225.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: 95e40ec52bc3c7b9a3f2e08a736813d1377bfb760948d83e918e349c8e8d956b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:44:03 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 23:15:38 GMT
server: openresty/1.19.9.1
age: 908314
x-powered-by: Otter-Pops
etag: W/"6282db1a-37cbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: YsuqmFIB6mAL3qO7Jhs6QAP6Fa9O0wUTteWX3ZpcY08fQjkrf_V_wA==
expires: Thu, 16 Jun 2022 07:44:03 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 364F 164 KB
54 KB 133ms
60ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fdcd95a2a61a4a7444f1dff12cab50f6ba4226152e8b83656233cd314e7e9561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54664
x-xss-protection: 0
expires: Fri, 27 May 2022 20:32:37 GMT

GET
H2 200 search.min.js Show response
cdn.realgeeks.com/static/js/valuation/ Frame 364F 2 KB
1 KB 35ms
34ms Script
application/javascript 13.32.121.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.realgeeks.com/static/js/valuation/search.min.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-57.fra60.r.cloudfront.net
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: a1579ed8c9d7b6102814bb6cf70d19614f655a3d9a6b2ae9d8554a6f21775c57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 00:00:35 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:27:28 GMT
server: openresty/1.19.9.1
age: 2232122
x-powered-by: Otter-Pops
etag: W/"626c3c20-7c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Nu10XI2lDOtk_jumJKoJIyMDnyada3KbZrpPrgffZidkvm_diZcsbQ==
expires: Wed, 01 Jun 2022 00:00:35 GMT

GET
H/1.1 200
OK rg.min.js Show response
www.heelsteam.com/static/widgets/js/ Frame 364F 2 KB
1 KB 110ms
109ms Script
application/javascript 34.238.62.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heelsteam.com/static/widgets/js/rg.min.js?v=2
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-66.compute-1.amazonaws.com
Software: openresty/1.19.9.1 / Otter-Pops
Resource Hash: c1c3efbd0230a0456633a6725081e69ad50c24d6939397e20df6a5e4dc025760

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 20:02:37 GMT
Content-Encoding: gzip
ETag: W/"62910864-8df"
Last-Modified: Fri, 27 May 2022 17:20:36 GMT
Server: openresty/1.19.9.1
X-Powered-By: Otter-Pops
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 26 Jun 2022 20:02:37 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ Frame 364F 85 KB
30 KB 112ms
33ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.heelsteam.com
URL: https://www.heelsteam.com/static/widgets/js/rg.min.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1653681757.dop124.am5.t,1653681757.cds300.am5.hn,1653681757.cds006.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 364F 3 B
45 B 117ms
48ms XHR
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.heelsteam.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/ Frame 364F 82 KB
30 KB 116ms
49ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a5d36fb47b4a4fe0c830bc83a1d5dd4d142df8a5720708deec51c519bbbdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 13:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30485
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:58:27 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/ Frame 364F 308 KB
92 KB 131ms
64ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63aaa007428e7f9108ab93f895719ca60f840345e11bc65d3e294fa0f7479534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93818
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 10:48:47 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/ Frame 364F 92 KB
28 KB 141ms
75ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e9eed59c17cc3091d60c18dbb100ed87e75b3e462e6afd3a880906f9f5043b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28374
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 18:47:49 GMT

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/ Frame 364F 46 KB
17 KB 103ms
36ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/intl/nl_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,drawing&channel=realgeeks&client=gme-cinc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb28dacdce355c667ee06a668de7a3df51b82f2e4fd96a629bc92dcebedf82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 17:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17490
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 17:06:59 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 72ms
34ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294411691878802&ev=Microdata&dl=https%3A%2F%2Fwww.heelsteam.com%2F&rl=&if=false&ts=1653681757961&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Minnesota%20%26%20Wisconsin%20Real%20Estate%22%2C%22meta%3Adescription%22%3A%22Search%20all%20area%20real%20estate%20for%20sale%20on%20one%20easy-to-use%20site.%20Including%20homes%2C%20condos%2C%20townhomes%2C%20land%2C%20and%20foreclosure%20properties%20for%20sale.%22%2C%22meta%3Akeywords%22%3A%22search%2C%20real%20estate%2C%20for%20sale%2C%20homes%2C%20condos%2C%20townhomes%2C%20land%2C%20foreclosure%20properties%20for%20sale%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heelsteam.com%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Minnesota%20%26%20Wisconsin%20Real%20Estate%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fu.realgeeks.media%2Fheelsteam%2F_rgg%2Flandscape_images%2FYellowHouse.jpg%22%2C%22og%3Adescription%22%3A%22Search%20all%20area%20real%20estate%20for%20sale%20on%20one%20easy-to-use%20site.%20Including%20homes%2C%20condos%2C%20townhomes%2C%20land%2C%20and%20foreclosure%20properties%20for%20sale.%22%2C%22og%3Asite_name%22%3A%22Heelsteam.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653681757451.2052751358&it=1653681757153&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 27 May 2022 20:02:38 GMT

GET
H2 200 widgets.min.css
widgets.realgeeks.com/static/css/ Frame 364F 447 B
763 B 131ms
36ms Stylesheet
text/css 18.66.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.realgeeks.com/static/css/widgets.min.css?v=dcbc39d6578244f2af8d0ce6096bc056
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-96.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1811c7a0c65cd4648a5bc43e764219b39928478bf9f49fbafbe96e5b29f6b53a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 22:25:56 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
last-modified: Tue, 03 May 2022 23:12:11 GMT
server: AmazonS3
age: 77803
etag: "76ebb326de14126476175197f5ab56f0"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 447
x-amz-cf-id: M35NXI9lfo-F_vHg2Ib2-DK6fwANX3Dx0SgYRnr99_pVToPNWRfCaA==

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 364F 2 KB
2 KB 134ms
50ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 27 May 2022 20:02:38 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 364F 3 KB
4 KB 125ms
41ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: www.heelsteam.com
URL: https://www.heelsteam.com/cma/property-valuation/widget/?use_anna=true&background_color=null&button_background_color=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.heelsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 20:02:38 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 27 May 2022 20:02:38 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heelsteam.com/	1970-01-20 20:52:33	Name: __utma Value: 147786030.165243721.1653681757.1653681757.1653681757.1
.heelsteam.com/	1969-12-31 23:59:59	Name: __utmc Value: 147786030
.heelsteam.com/	1970-01-20 07:44:09	Name: __utmz Value: 147786030.1653681757.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.heelsteam.com/	1970-01-20 03:21:22	Name: __utmt_UA-50697213-2 Value: 1
.heelsteam.com/	1970-01-20 03:21:22	Name: __utmt Value: 1
.heelsteam.com/	1970-01-20 03:21:23	Name: __utmb Value: 147786030.2.10.1653681757
www.heelsteam.com/	1970-01-20 04:04:33	Name: last_visit_time Value: 1653681757
www.heelsteam.com/	1970-01-20 03:22:48	Name: last_content_search_id Value: 3
.heelsteam.com/	1970-01-20 05:30:57	Name: _fbp Value: fb.1.1653681757451.2052751358

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.heelsteam.com/live-chat/auth/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.realgeeks.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.gstatic.com
heelsteam.com
maps.googleapis.com
maps.gstatic.com
stats.g.doubleclick.net
style.realgeeks.media
t2.realgeeks.media
u.realgeeks.media
websdk.appsflyer.com
widgets.realgeeks.com
www.facebook.com
www.heelsteam.com
108.157.4.29
13.32.121.57
18.66.248.34
18.66.248.96
2001:4de0:ac18::1:a:1b
2606:4700::6811:180e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:400c:c0c::9d
2a02:26f0:3500:11::215:14d5
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.238.62.66
52.222.214.90
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05772991c1b50e5514395b758aba35c1512615c697810e9f83f256642588cf36
0bf75c25e6407a65dfab8fbc5dfaff98c87946dbf6d2870232d9479bdaa1db1b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d086fe12b62945f10d2b42d13fdb6848cd9a8c0fc70800e1cfcdab7365516a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1811c7a0c65cd4648a5bc43e764219b39928478bf9f49fbafbe96e5b29f6b53a
1832551f1bbbfb7990041b79c50391d7566557b4e6654216041ed1dc4f20933f
1a137a05b5b9defacdc23009f95359bc85fef6c1a254389a10604fa74b6f99d4
1c9e5342537cb99cb4a18ff92a2e4239b8f1a47484c05667e638e0ff24c2a782
20f1ffe834ec81803d1deec701512bc68f737b99a1c681276534a13cb7231177
2763db9a7991ec89f4cf229415a9a74ce8ff234539c30e697d3ebb77cdf3f117
2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1
30a5d36fb47b4a4fe0c830bc83a1d5dd4d142df8a5720708deec51c519bbbdd9
37be90e50511614bba319976e46c298f7cbd782220776e8404109ff6766ac615
3fd3016de8aa5330a85896966f9fc4f61180e575df7d82fc02c14ff92d50b69a
462ad72bd5b4d6ea19b65a0914507d253e7af550233f88e37c8542963b6984ca
46e60245ef429e7edc3b2e133902e9d69704027ef14323a5d53a4b90213ca1a1
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4d8314e9edf222c2566c458848b365b6980ce568f66f9450cc8703b1efb656b3
4e8f5db07563aca4c98efa1a564991e17a05fde46ff0197da48fb74bd7115aa0
5b8da73c7fc424295cc35141757f73a6e7a19cfa064b9daba31e67c021d70894
5e9576d3317133545cbe780fa8436e9cac33d82db66587c6d8a6ea6b56bc3299
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6312815b1ea361cd32bec2abf096688913c2c3ce523d8ee5679cb9fbbb551878
63aaa007428e7f9108ab93f895719ca60f840345e11bc65d3e294fa0f7479534
6f1c8e4d0840c80a19c19423c5188dda5ba06a8e841c41d86c4422ecda243c72
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
76319366443619a6c877d7822246c6834c4ea9ad72ba8f23884d84c582a56dd0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856ca926aecce330f8f99b65b30fe836e49f00d06181db369256d9ecd27b5ac8
869ac29d49d6bb5f9231fd54ff0434031b78da4faeec5031982be1ea1c9485f5
8cceb5bf96fb644e59f29ae85f9b6425ffeacf6c50e05910fa5c882d6458d015
8e19db88ca1bc164423bff1d3f346dc4b869a20530e02ddad5d1910cadfde47f
95e40ec52bc3c7b9a3f2e08a736813d1377bfb760948d83e918e349c8e8d956b
9a98f850068c2c3402e618c0d8f20963121b11b8479702b6646b20d7fbf9a5ab
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c
9fbe5b24f45e63c23632e0c2b08d158bc577b892f4467a656fb669d629f3afb2
a1579ed8c9d7b6102814bb6cf70d19614f655a3d9a6b2ae9d8554a6f21775c57
b37e56f146ebb0b5e79652cd86c4dbac4260f438ce8bcd1191700efad3426c45
bafcebffd9b9294cb6087661a015dc9b7547265954b2c30cea8f5a33d4924303
bbb28dacdce355c667ee06a668de7a3df51b82f2e4fd96a629bc92dcebedf82b
bfd72d517cc18fbbee0f12febf5ccc307b176400affceb26d354e24c749f1743
c1c3efbd0230a0456633a6725081e69ad50c24d6939397e20df6a5e4dc025760
c32d1fd30672086870c33f5d6385a3a9cadf424f87d277a4871247f6bbcb4613
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf3656b718d9643a198e206fb3bb6b60348611cf17a186ba3deba4d1b2a57cc7
d33cf7413c6793b2267057a5ea4147f6908d476e7048a1beab0688becd05468b
d4c2033abe61b13790c9b4d3445ffe23ba6fcf0e4e60f4e5719d1e5308ab4b8e
daf97f54389aac72a0c0e73e72eb530990974ec47d674c48a3be7d6306e0bb19
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
db46a77dd9e0ba43865ce160a8d22a19dfd63cd73fe3c80554a4cae1cf9f6bca
e29dafd8f07cc55fdfefc5cbc380bb807ee414efe17b4361f943b28bbe68a3a9
e411d62415470b8c580d4f9db52d9b189b7738b11218e375256eb3b17edbeedb
e9e9eed59c17cc3091d60c18dbb100ed87e75b3e462e6afd3a880906f9f5043b
ed9a40532f0540af74cfdd8437c225156d418e5098aabdfd75da8b0d85630171
fdcd95a2a61a4a7444f1dff12cab50f6ba4226152e8b83656233cd314e7e9561

www.heelsteam.com Open in urlscan Pro 34.238.62.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

60 %IPv6

11 Domains

16 Subdomains

15 IPs

4 Countries

6468 kBTransfer

9924 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heelsteam.com Open in urlscan Pro
34.238.62.66 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

6468 kB
Transfer

9924 kB
Size

9
Cookies

62 HTTP transactions
0 data transactions