urlscan.io logo urlscan.io
SecurityTrails logo

www.heliar.com Open in urlscan Pro
2620:1ec:4e:1::44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heliar.com.br/
Effective URL: https://www.heliar.com/
Submission: On May 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 63 HTTP transactions. The main IP is 2620:1ec:4e:1::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.heliar.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 31st 2022. Valid for: a year.
This is the only time www.heliar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 22 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
17 52.239.222.100 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
63 11
1    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
heliar.com.br
22    2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.heliar.com.br
www.heliar.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    52.239.222.100 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
useast2prodbrandsites.blob.core.windows.net
5    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
21 heliar.com
www.heliar.com
341 KB
17 windows.net
useast2prodbrandsites.blob.core.windows.net
1 MB
9 gstatic.com
fonts.gstatic.com
175 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
273 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
395 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
30 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 heliar.com.br
heliar.com.br
www.heliar.com.br
639 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
408 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
0 google.de Failed
www.google.de Failed
63 12
Domain Requested by
21 www.heliar.com www.heliar.com
17 useast2prodbrandsites.blob.core.windows.net www.heliar.com
9 fonts.gstatic.com fonts.googleapis.com
5 www.googletagmanager.com www.heliar.com
www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.heliar.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.facebook.com www.heliar.com
1 www.google.com www.heliar.com
1 fonts.googleapis.com www.heliar.com
1 www.heliar.com.br 1 redirects
1 heliar.com.br 1 redirects
0 www.google.de Failed www.heliar.com
63 13

This site contains links to these domains. Also see Links.

Domain
www.heliarexpress.com.br
www.facebook.com
www.instagram.com
www.youtube.com
www.clarios.com
Subject Issuer Validity Valid
www.heliar.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-31 -
2023-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 06		 2023-02-15 -
2024-02-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-10 -
2023-05-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.heliar.com/
Frame ID: 7A2E878F225BC536E7B35A6D019C9F35
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A melhor bateria para o seu carro | Baterias Heliar

Page URL History Show full URLs

  1. http://heliar.com.br/ HTTP 302
    https://www.heliar.com.br/ HTTP 301
    https://www.heliar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

63
Requests

97 %
HTTPS

91 %
IPv6

12
Domains

13
Subdomains

11
IPs

3
Countries

1924 kB
Transfer

2998 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heliar.com.br/ HTTP 302
    https://www.heliar.com.br/ HTTP 301
    https://www.heliar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heliar.com/
Redirect Chain
  • http://heliar.com.br/
  • https://www.heliar.com.br/
  • https://www.heliar.com/
55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08867cb0707e1ef2def487485a82e3f0da1dc32af9488241f647841a11974ade
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=42396
content-encoding
gzip
content-length
14636
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 15:57:40 GMT
etag
"ec0eb7a4-8f21-42dc-b8ff-10a5d87fbcc1"
expires
Thu, 04 May 2023 03:44:17 GMT
last-modified
Tue, 02 May 2023 03:42:31 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-azure-ref
20230503T155740Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8u3
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
146
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 15:57:40 GMT
location
https://www.heliar.com/
x-azure-ref
20230503T155739Z-vyw0bt9qbh3wx5mr5d4z96s25000000004d000000000zm6u
x-cache
CONFIG_NOCACHE
main.min.css
www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/ 		129 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/main.min.css?package=Talon
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fcc65e8dccbbc9a608ed89dce066bf99bcfd2b54d35c46741f85e302266b6c91
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
31959
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20230503T155740Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8vs
cache-control
public
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:40 GMT
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f458bab944181274c917c98707c522337f8a7d2c1279eedbb47551f1d1fc3464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 May 2023 15:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 May 2023 15:57:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 May 2023 15:57:40 GMT
lightning-bolt812bd667b9a247379dc9e68b486b2211.png
www.heliar.com/images/default-source/default-album/ 		17 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heliar.com/images/default-source/default-album/lightning-bolt812bd667b9a247379dc9e68b486b2211.png
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb80080ee311449d6be95e4445c1b635e9704e279aa2bde3d31f3f68d8855976
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=lightning-bolt812bd667b9a247379dc9e68b486b2211.png
content-length
17533
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Aug 2021 20:39:10 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8y2
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 15:57:41 GMT
bateria-generica_2d904870-6b38-4462-950c-bdb267b4f58c.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/bateria-generica_2d904870-6b38-4462-950c-bdb267b4f58c.png?sfvrsn=6ea05799_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df564fded91c08d59bacab2a8d36cfe7647ef8f4a98fd30a10760b8b1e350074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Yi567ljIUCYtR8zCuU8p2g==
ETag
0x8DA89F50185D9A4
Content-Type
image/png
x-ms-request-id
a7edc82b-401e-0042-17d7-7d795d000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
26068
powersports-moto3f5fae49-cb04-4ada-b29f-5e2b75d6c876_f812b0b2-10f8-4f80-919c-787d386a97cf.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/powersports-moto3f5fae49-cb04-4ada-b29f-5e2b75d6c876_f812b0b2-10f8-4f80-919c-787d386a97cf.png?sfvrsn=6006e9d0_11
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
10e5f3eca250f13a4e1047fcd1f1c44b4f29b550739b7defa4c6b0fb3727b7c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OIEs3Cb3h4hXmzY+BagUlA==
ETag
0x8DA89F503448219
Content-Type
image/png
x-ms-request-id
95a6f734-901e-0040-23d7-7d7ba7000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
19211
bateria-frotabfce2b16-6fda-4c5f-9eea-8621c1d4c940b450f03bdedf43deac5677590032d3d4b450f03bdedf43deac5677590032d3d4_f0697610-57a1-48b1-892c-14dae4c56411.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/products/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/products/bateria-frotabfce2b16-6fda-4c5f-9eea-8621c1d4c940b450f03bdedf43deac5677590032d3d4b450f03bdedf43deac5677590032d3d4_f0697610-57a1-48b1-892c-14dae4c56411.png?sfvrsn=1d8fb331_27
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
686af88332f40cff92c08d529280da00ca366c9123e30f31c8ade5fc567069b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
denm8gqnp7AcqSsSEcQqng==
ETag
0x8DA89F5045AA8C1
Content-Type
image/png
x-ms-request-id
04700eef-101e-0037-3ed7-7dfee6000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
46295
image-(3)_b3940883-b1bc-4473-a45b-b4c55ad4c99c.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/image-(3)_b3940883-b1bc-4473-a45b-b4c55ad4c99c.png?sfvrsn=27cc339_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1af6633a9b80b5a01b59fdba8a70701328dfdc62aef272d7a46479d9e7a0db35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
tYnl7aLHgAYrtDDHFqGgXw==
ETag
0x8DA89F501D9E006
Content-Type
image/png
x-ms-request-id
17db0cfd-701e-000e-61d7-7dbe42000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
17794
mao.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/mao.png?sfvrsn=cfd78d31_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82ba1500284551ea3d0e4f99a753485efaf9de27d45fbe2989cdbca347d33c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wO2FK5AsAoSQywiRddN5IQ==
ETag
0x8DA89F50459E599
Content-Type
image/png
x-ms-request-id
b55d71f1-601e-0038-18d7-7d1310000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
136144
bitmapb81969ba-2bf6-48d9-86b8-b884215de69a.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/bitmapb81969ba-2bf6-48d9-86b8-b884215de69a.png?sfvrsn=fb94cd9c_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91370ac944fbae0e7b0fd6af9c2b3a9899b0988b02b71741d80e2b59642e668d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
LfbE4/wFXUS7C50723oD3Q==
ETag
0x8DA89F5034719BE
Content-Type
image/png
x-ms-request-id
95a6f757-901e-0040-43d7-7d7ba7000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
4126
bitmapf2e5df5f-470b-4ae1-9b9c-71c5e25e0636.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/bitmapf2e5df5f-470b-4ae1-9b9c-71c5e25e0636.png?sfvrsn=f5a0cff6_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91021dbec61c631bc94066505def0edc4dd97adb82c777636e9612c8310f7533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VZHzbVRdYiE8B+bFBHUluQ==
ETag
0x8DA89F5045A81C2
Content-Type
image/png
x-ms-request-id
a7edc875-401e-0042-55d7-7d795d000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
6913
bitmapb723087d-cb8f-428a-a738-9b9b0124dbcb.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/bitmapb723087d-cb8f-428a-a738-9b9b0124dbcb.png?sfvrsn=340f9a34_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
99f1c26adb4221ce95fc90e9790180d83bcf8b3be30aad1f3f16d276246546db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
PLSmqfSFFmnX8ejZAO9rIg==
ETag
0x8DA89F504602627
Content-Type
image/png
x-ms-request-id
04700f25-101e-0037-6fd7-7dfee6000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
2935
bitmapffc3c080-b093-4817-84d5-591de176f688.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/bitmapffc3c080-b093-4817-84d5-591de176f688.png?sfvrsn=dc361150_1
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b0b8b3a8f6ca7f9b338169d9538e22dae4830dcc333a80933e8f1975f395ae43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
dOyz7bQbkBiEXKNIkdiZwg==
ETag
0x8DA89F502971F14
Content-Type
image/png
x-ms-request-id
17db0d2f-701e-000e-12d7-7dbe42000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
9845
super-free-batteryfcd16449-293b-4e21-a19a-980154c58841.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/super-free-batteryfcd16449-293b-4e21-a19a-980154c58841.png?sfvrsn=e8edb389_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8eeeaf48abfcb8c3a5ce3377a7e6d7b2dccb43a671a4e21b5e65d4b37ee57cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
f6w5x8ED1xK42+YtV0z54Q==
ETag
0x8DA89F501EE4F34
Content-Type
image/png
x-ms-request-id
04700e71-101e-0037-4cd7-7dfee6000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
35237
frota-batterycd52a403-35de-43ae-a5c9-50af56266931.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/frota-batterycd52a403-35de-43ae-a5c9-50af56266931.png?sfvrsn=62700231_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dd5500f370133c1ea582c5114ffcbd1d71987eb4dcfc77cea7e259784dad267c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
FzDyYPRgkYi1sd43YAeAjQ==
ETag
0x8DA89F503EABA52
Content-Type
image/png
x-ms-request-id
95a6f712-901e-0040-05d7-7d7ba7000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
15283
moto-battery7c2e1a4f-13a1-4979-83f9-e64cef81db20.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/moto-battery7c2e1a4f-13a1-4979-83f9-e64cef81db20.png?sfvrsn=8b52b03a_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6d3a91f14897169a97557f02168e1a8f6f28e2b4c1645538ae8bc97e7d206c79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qh9oWI5WOcHGKBlzxdYxcQ==
ETag
0x8DA89F50296D0F7
Content-Type
image/png
x-ms-request-id
17db0ca1-701e-000e-0fd7-7dbe42000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
24723
no-break-batteryf40aa47f-679d-4d8d-8d71-4af248017e5c.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/no-break-batteryf40aa47f-679d-4d8d-8d71-4af248017e5c.png?sfvrsn=1fd8e94c_1
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d910d9161e735da1c0eb8d54f3793428c8bee33c049c02f02d89f0f757c1722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:40 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
X5drtv3kWuHzSJAUKjMa9Q==
ETag
0x8DA89F501869CDA
Content-Type
image/png
x-ms-request-id
b55d718f-601e-0038-3fd7-7d1310000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
24735
pin-de-lojafcec8885-d995-48bb-be6a-61301a692590.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/pin-de-lojafcec8885-d995-48bb-be6a-61301a692590.png?sfvrsn=9806f117_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e870dd4b56843b01977c82ac956448f54eadb194b5fd7013331decbfb26bd056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Sz+vFjFJi6qzCY79ZaiUnA==
ETag
0x8DA89F5020A3746
Content-Type
image/png
x-ms-request-id
a7edc8b2-401e-0042-0cd7-7d795d000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
141228
mao-small532eb502-d45d-4190-b7de-d5392ae52088.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		217 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/mao-small532eb502-d45d-4190-b7de-d5392ae52088.png?sfvrsn=fe975fc6_1
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9157a0680a3566a613b2af1f3b3e71c818664f3a7a9feb12d4ecc6941771e10e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8nf6IlPYWJbVuX479Mpmlw==
ETag
0x8DA89F50203F6B0
Content-Type
image/png
x-ms-request-id
95a6f795-901e-0040-7bd7-7d7ba7000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
221713
ScriptResource.axd
www.heliar.com/ 		95 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/ScriptResource.axd?d=4bMApOb58R6igmkUEZ0eXt4v7UZGjWh_Hkl0goAU1lIh1xnm-t31w0LXz4kh8_ujfIl9m8ecFBz_eT3hcCQWwwxfAk7f8In5rWKctlHZM2TnEkbWgQj0Xr5YVmVKmWMejYLNl7OnXHthGULRVagrKIeWwnlXXQ2IbzoUftgkSjkDvIC4hEmnWcjsEHEDkAUW0&t=1f7ae5e
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
43445
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Jan 2023 20:39:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8x4
cache-control
public
accept-ranges
bytes
expires
Tue, 30 Jan 2024 20:39:24 GMT
ScriptResource.axd
www.heliar.com/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESByD9xbZqzJEe_WFKMZ2DA76zKfRh3Ht4PoUnqysG0QKv1EZq1MWO_y9zsgqX-bIvR74LZw61LfEiuvCV45x279OOnOkMVqz_Abv8ba9BB8CHll8cTHQHOzoG4BY0wZ6xPnV8MMmuZx9N_sdnTE-gFQCmUy-gV_KtXqrUgUBUi000&t=1f7ae5e
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
3834
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Dec 2022 09:56:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xq
cache-control
public
accept-ranges
bytes
expires
Thu, 07 Dec 2023 09:56:39 GMT
ScriptResource.axd
www.heliar.com/ 		248 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/ScriptResource.axd?d=VKaJmfFWDpQxp1_HxsR1qHKS8SE6EjPa_Dk3-A9KeaOXNXsjqu0-dpH3vZisaF2FK3DqPml3_gIcVP1oPBdhrpiPE-_FCsGP3Dsb8gK8UBzQW3-aFSI10qhCWUCvAOIf-khjJj-iVg0dWlV71EMvPv6Kg4CVHQJc18QjMIQmyMqJfCwswMeja9E9tNAuVluEmFok7hRVl9E1167p5hI-yg2&t=1f7ae5e
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fd2a752492b64050c772c50f5539a28ed106d2433945c04abb57e3fab1a83186
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
last-modified
Mon, 29 Aug 2022 21:50:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xu
x-cache
CONFIG_NOCACHE
cache-control
public
x-xss-protection
1; mode=block
expires
Tue, 29 Aug 2023 21:50:06 GMT
Search-box.min.js
www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/Search-box.min.js?package=Talon&v=MTIuMi43MjMyLjA%3d
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72a518e587c7609bc770fb1dc63f94d5d5b4b3b8df0d8d7096198cd76cec166e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
1224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xv
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:41 GMT
runtime.umd.min.js
www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/runtime.umd.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48e8b8dfe20b35b558b1570581f5434d02a83bfc5471e6afe5da097640eeb33b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
2978
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xw
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:41 GMT
all.min.js
www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 		103 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
78adb249a23b87fc92d7e317d9858e1d646a075a4eabd569f7acfc75ee8fc863
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
36650
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xx
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:41 GMT
location-search.min.js
www.heliar.com/Frontend-Assembly/Clarios.Locations/assets/dist/js/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Clarios.Locations/assets/dist/js/location-search.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23f0db65a5c9b867c2c4a790e3107ae9bb08f217961335b748e1655d5eb2b684
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
2170
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xy
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:41 GMT
search-by-fitment.min.js
www.heliar.com/Frontend-Assembly/Clarios.Fitment/assets/dist/js/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Frontend-Assembly/Clarios.Fitment/assets/dist/js/search-by-fitment.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13ca9126fbfd12a279dac6557ea7a200159a682ca9673528983170e12c251c9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
2337
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8xz
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 May 2023 15:57:41 GMT
speedbump.min.js
www.heliar.com/ResourcePackages/Talon/assets/dist/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/ResourcePackages/Talon/assets/dist/js/speedbump.min.js?package=Talon
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e19a3023252123d470e7f214025b6385a46fa7effdb9b6c798a7e4fb454964a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
1593
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:41:08 GMT
etag
"0222b8e6471d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8y0
cache-control
max-age=2678400
accept-ranges
bytes
WebResource.axd
www.heliar.com/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/WebResource.axd?d=yAZznlIeaGQJz8qTi4uqDfyL9bVOck37iGzH0FmQDchQoWvRx4sO3J597tQkXMYEuNhkCvNYK_z5lbRIjzhllAyb_reMy_6RfQqxYDx97amvzmE46ofMsajufAMbSh8hFYSwObLXpFl7LsOnwjQK3evIzDoToIunVqhLM0bE7R41&t=638173572560000000
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e538c09bf64f9e04bf11c4f72d23552f2c611c1c571ddd91a20dc5a3492d9603
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
1161
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 14:48:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8y1
cache-control
public
accept-ranges
bytes
expires
Fri, 27 Oct 2023 00:04:55 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C64XP4
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c7d8fe201b8fa91a192799b3b2cb10841fed30682a702dab3649566392032e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40578
x-xss-protection
0
last-modified
Wed, 03 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 May 2023 15:57:41 GMT
gtm.js
www.googletagmanager.com/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NR7WQ6R
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e4e36561b60aa416bbb4955ddc3c360984d87a147f1f1b2eeb8f32d103c7fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68839
x-xss-protection
0
last-modified
Wed, 03 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 May 2023 15:57:41 GMT
heliar-defs.svg
www.heliar.com/assets/images/ 		67 KB
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/assets/images/heliar-defs.svg
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c7f3e3c02f75c3c4d165321558dacbdb804315160358babfbe1dfab72fec82fc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
23443
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 19:40:36 GMT
etag
"052187b6471d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8y8
cache-control
max-age=2678400
accept-ranges
bytes
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
334758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:58:23 GMT
green-background-hero.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/default-album/green-background-hero.png?sfvrsn=60240c57_4
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c19e639b4bbac48cf05b883b63b986532b80e914e92d8e11cc45de207187c442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YbvYdFvFl+5X/HvS+wtx3Q==
ETag
0x8DA89F501CBFF74
Content-Type
image/png
x-ms-request-id
961571ae-401e-000d-46d7-7dbd45000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
194475
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
380097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
380846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:10:15 GMT
lightning-bolt.png
www.heliar.com/images/default-source/default-album/ 		20 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heliar.com/images/default-source/default-album/lightning-bolt.png?sfvrsn=a278bb68_1
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ede6d07f1d0a5c90ec27417c018ffb87c5ffb8516b8e4462206d9f0713b02d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=lightning-bolt.png
content-length
20493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Aug 2021 20:39:08 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20230503T155741Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u8y9
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 15:57:41 GMT
service-staff8439a634-fbd3-4298-8901-572d11a87575.png
useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://useast2prodbrandsites.blob.core.windows.net/heliar-sfassets-prod/images/default-source/callouts/service-staff8439a634-fbd3-4298-8901-572d11a87575.png?sfvrsn=13b6028d_3
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.222.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
db322eb6c380bc26a10702e784dc0ecb3e7729b14ce934d4dc3b652c5ae5cc81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 May 2023 15:57:41 GMT
Last-Modified
Mon, 29 Aug 2022 19:31:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2dXs77QOoken3nSrxgiMuQ==
ETag
0x8DA89F5045D8E88
Content-Type
image/png
x-ms-request-id
961572be-401e-000d-3ed7-7dbd45000000
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Content-Length
173815
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 23:14:12 GMT
x-content-type-options
nosniff
age
405809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 23:14:12 GMT
7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:44:48 GMT
x-content-type-options
nosniff
age
328373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22052
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:05:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 20:44:48 GMT
RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
fonts.gstatic.com/s/redhattext/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhattext/v13/RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45121e5dfe44e870d4bd8e28500c0a97404dc064fe44ad1fa68ec9a10462eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:21:17 GMT
x-content-type-options
nosniff
age
322584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27848
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 17:59:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 22:21:17 GMT
7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 05:52:40 GMT
x-content-type-options
nosniff
age
381901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21796
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:35:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 05:52:40 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:48:31 GMT
x-content-type-options
nosniff
age
335350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21724
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:29:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:48:31 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;600;700;800&family=Red+Hat+Text:wght@400;500;700&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heliar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 06:05:39 GMT
x-content-type-options
nosniff
age
467522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 06:05:39 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BHGZH4C75N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C64XP4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c36f7d520fdac8bc07a5bd0d7e1206a82b2e388f60c6529c41e81f3620aee84a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84547
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 May 2023 15:57:41 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3XJN5HSH7K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C64XP4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
978e77f36fa5fcc2df51ac178ecd8f330455d8080fe4633d3fec05acc3c285bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84683
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 May 2023 15:57:41 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR7WQ6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 May 2023 15:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3157
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 03 May 2023 17:05:04 GMT
fbevents.js
connect.facebook.net/en_US/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 May 2023 15:57:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27428
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/Ao70+37dgNR311DP+P4ljcY34dRxAHRcSJw5fCFH5S2Ni3l0PVax9/iyyJC3ioCybn9EzD313cONQSp/b/p5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HXH7DD7P0Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR7WQ6R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BHGZH4C75N&cid=205763111.1683129461&gtm=45je3510&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BHGZH4C75N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 15:57:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heliar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
1336558646538045
connect.facebook.net/signals/config/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1336558646538045?v=2.9.103&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cabc16eb80b2047c7bab4fc97177ac3f6d4e33682fa3b95048b1801bcd55cedb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 May 2023 15:57:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KhGmJcwS7sb0cra3x5ISu6+VN0DmZLiAFzgz6m4Hy9ZlQZeqoRcSLPk0WdYDrU5FQMSuRN3r5aldnLC+GW8lPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=110633210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heliar.com%2F&ul=en-us&de=UTF-8&dt=A%20melhor%20bateria%20para%20o%20seu%20carro%20%7C%20Baterias%20Heliar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=207950718&gjid=249042951&cid=205763111.1683129461&tid=UA-18435604-1&_gid=153062381.1683129462&_r=1&_slc=1&gtm=45He3510n81NR7WQ6R&z=460121571
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heliar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 15:57:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heliar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18435604-1&cid=205763111.1683129461&jid=207950718&gjid=249042951&_gid=153062381.1683129462&_u=YADAAEAAAAAAACAAI~&z=41130754
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heliar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 03 May 2023 15:57:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heliar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18435604-1&cid=205763111.1683129461&jid=207950718&_u=YADAAEAAAAAAACAAI~&z=633588051
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 15:57:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1336558646538045&ev=PageView&dl=https%3A%2F%2Fwww.heliar.com%2F&rl=&if=false&ts=1683129461685&sw=1600&sh=1200&v=2.9.103&r=stable&ec=0&o=28&it=1683129461538&coo=false&rqm=GET
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 May 2023 15:57:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
countries
www.heliar.com/api/locations/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/api/locations/countries?culture=pt-br&locationTypes=061193c3-56c4-45e6-b022-c2d0f0ec549e&locationTypes=50bd5bb1-c193-4f05-9256-a0fc8fdc08f2
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/Frontend-Assembly/Clarios.Locations/assets/dist/js/location-search.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08026c2d3ac6c2dbc0e40dc01a78aa156b3e265019c748675bf9c1bc11aad77f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
2716
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u907
cache-control
no-cache
accept-ranges
bytes
expires
-1
types
www.heliar.com/api/fitment/ 		16 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/api/fitment/types?sf_culture=pt-br
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/Frontend-Assembly/Clarios.Fitment/assets/dist/js/search-by-fitment.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c87a7efb9ac07589c568a82302473b36338386965e8e6c32680d68c10c49bb84
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
135
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u908
cache-control
no-cache
accept-ranges
bytes
expires
-1
types
www.heliar.com/api/fitment/ 		16 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/api/fitment/types?sf_culture=pt-br
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/Frontend-Assembly/Clarios.Fitment/assets/dist/js/search-by-fitment.min.js?package=Talon&v=LTEyMDAwMjIxNDk%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c87a7efb9ac07589c568a82302473b36338386965e8e6c32680d68c10c49bb84
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
CONFIG_NOCACHE
content-length
135
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u909
cache-control
no-cache
accept-ranges
bytes
expires
-1
whitelistitems
www.heliar.com/sfapi/whitelistings/ 		514 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/sfapi/whitelistings/whitelistitems
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/ResourcePackages/Talon/assets/dist/js/speedbump.min.js?package=Talon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55ab51ff2d1bb571f0c0fc88c31fb955ccb3d72cdf3fd574552b01d52b23a6c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
odata-version
4.0
vary
Accept-Encoding
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u90a
content-type
application/json; odata.metadata=minimal
x-cache
CONFIG_NOCACHE
cache-control
no-store, must-revalidate, no-cache
accept-ranges
bytes
content-length
411
expires
Mon, 01 Jan 0001 00:00:00 GMT
contentitems
www.heliar.com/sfapi/whitelistings/ 		510 B
982 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/sfapi/whitelistings/contentitems?sf_culture=pt-BR&$filter=contains(Title,%20%27Speedbump%20Disclaimer%27)
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/ResourcePackages/Talon/assets/dist/js/speedbump.min.js?package=Talon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d62b5721cd0d09a2a2af962a54b6c2aaefd766994803e4da43ab141b47c7d9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
odata-version
4.0
vary
Accept-Encoding
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u90b
content-type
application/json; odata.metadata=minimal
x-cache
CONFIG_NOCACHE
cache-control
no-store, must-revalidate, no-cache
accept-ranges
bytes
content-length
431
expires
Mon, 01 Jan 0001 00:00:00 GMT
/
www.heliar.com/Sitefinity/Public/Services/Statistics/Log.svc/ 		4 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heliar.com/Sitefinity/Public/Services/Statistics/Log.svc/?pageNodeId=7aabba76-9fd3-4dc2-a359-234798227d14&trackingId=c3c426a2-a0fd-452c-9ef5-d07cc7201a16&referrer=&pageUrl=https://www.heliar.com/
Requested by
Host: www.heliar.com
URL: https://www.heliar.com/WebResource.axd?d=yAZznlIeaGQJz8qTi4uqDfyL9bVOck37iGzH0FmQDchQoWvRx4sO3J597tQkXMYEuNhkCvNYK_z5lbRIjzhllAyb_reMy_6RfQqxYDx97amvzmE46ofMsajufAMbSh8hFYSwObLXpFl7LsOnwjQK3evIzDoToIunVqhLM0bE7R41&t=638173572560000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heliar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:57:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-azure-ref
20230503T155742Z-vyw0bt9qbh3wx5mr5d4z96s25000000004dg00000000u90c
x-cache
CONFIG_NOCACHE
cache-control
private
accept-ranges
bytes
content-length
122
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BHGZH4C75N&cid=205763111.1683129461&gtm=45je3510&aip=1&z=699835872
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18435604-1&cid=205763111.1683129461&jid=207950718&_u=YADAAEAAAAAAACAAI~&z=633588051

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| sf_appPath object| dataLayer function| openHomepage object| google_tag_manager object| google_tag_data function| $ function| jQuery string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| _typeof object| runtime object| regeneratorRuntime object| talonUtil function| Cookies undefined| LocationFinderSearch undefined| _this function| asyncGeneratorStep function| _asyncToGenerator function| distinct function| clearAllOptions object| fitmentContainers function| populateTypes function| populateYears function| populateMakes function| populateModels function| search function| retrieveUserVehicleCookie function| triggerChangeEvent function| typesDropdownChanged function| yearsDropdownChanged function| makesDropdownChanged function| modelsDropdownChanged string| searchPageUrl object| fitmentContainer object| typesDropdown object| makesDropdown object| yearsDropdown object| modelsDropdown object| searchButton undefined| userCookie string| fitmentTable string| currentCulture object| currentModelsAndEngines function| init object| StatsClient object| jQuery112108029791421061063

7 Cookies

Domain/Path Name / Value
.heliar.com/ Name: _gcl_au
Value: 1.1.996289380.1683129461
.heliar.com/ Name: _ga_3XJN5HSH7K
Value: GS1.1.1683129461.1.0.1683129461.0.0.0
.heliar.com/ Name: _ga_BHGZH4C75N
Value: GS1.1.1683129461.1.0.1683129461.60.0.0
.heliar.com/ Name: _ga
Value: GA1.2.205763111.1683129461
.heliar.com/ Name: _gid
Value: GA1.2.153062381.1683129462
.heliar.com/ Name: _gat_UA-18435604-1
Value: 1
www.heliar.com/ Name: sf-trckngckie
Value: c3c426a2-a0fd-452c-9ef5-d07cc7201a16

5 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-3XJN5HSH7K&l=dataLayer&cx=c(Line 193)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-3XJN5HSH7K&gtm=45je3510&_p=110633210&cid=205763111.1683129461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683129461&sct=1&seg=0&dl=https%3A%2F%2Fwww.heliar.com%2F&dt=A%20melhor%20bateria%20para%20o%20seu%20carro%20%7C%20Baterias%20Heliar&en=page_view&_fv=1&_nsi=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com".
network error URL: https://www.googletagmanager.com/gtag/js?id=G-HXH7DD7P0Q&l=dataLayer&cx=c
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-BHGZH4C75N&l=dataLayer&cx=c(Line 193)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-BHGZH4C75N&gtm=45je3510&_p=110633210&_gaz=1&cid=205763111.1683129461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683129461&sct=1&seg=0&dl=https%3A%2F%2Fwww.heliar.com%2F&dt=A%20melhor%20bateria%20para%20o%20seu%20carro%20%7C%20Baterias%20Heliar&en=page_view&_fv=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com".
security error URL: https://www.heliar.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BHGZH4C75N&cid=205763111.1683129461&gtm=45je3510&aip=1&z=699835872' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com".
security error URL: https://www.heliar.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18435604-1&cid=205763111.1683129461&jid=207950718&_u=YADAAEAAAAAAACAAI~&z=633588051' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/ https://fonts.googleapis.com/; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://fonts.gstatic.com/; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://useast2prodbrandsites.blob.core.windows.net https://sqlva2dfty3dw7lm6w.blob.core.windows.net https://sqlvaaelzkwtae7o3c.blob.core.windows.net https://useast2devbrandsites.blob.core.windows.net https://useast2qabrandsites.blob.core.windows.net https://sqlva6tlsee7wiytg6.blob.core.windows.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com https://ssl.gstatic.com/ https://www.gstatic.com/ https://www.google-analytics.com/ *.google.com; media-src 'self' data: blob:; frame-src 'self' *.google.com *.twitter.com *.youtube.com *.vimeo.com *.facebook.com badge.stumbleupon.com w.soundcloud.com apis.google.com https://clarios--uat.my.salesforce.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src 'self' accounts.google.com https://clarios--uat.my.salesforce.com https://*.dec.sitefinity.com *.mktoresp.com https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
heliar.com.br
stats.g.doubleclick.net
useast2prodbrandsites.blob.core.windows.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.heliar.com
www.heliar.com.br
www.google.de
2620:1ec:4e:1::44
2620:1ec:4f:1::45
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200a
2a00:1450:4001:828::200e
2a00:1450:400c:c07::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.239.222.100
08026c2d3ac6c2dbc0e40dc01a78aa156b3e265019c748675bf9c1bc11aad77f
08867cb0707e1ef2def487485a82e3f0da1dc32af9488241f647841a11974ade
0e4e36561b60aa416bbb4955ddc3c360984d87a147f1f1b2eeb8f32d103c7fa9
10e5f3eca250f13a4e1047fcd1f1c44b4f29b550739b7defa4c6b0fb3727b7c8
13ca9126fbfd12a279dac6557ea7a200159a682ca9673528983170e12c251c9b
1af6633a9b80b5a01b59fdba8a70701328dfdc62aef272d7a46479d9e7a0db35
1ede6d07f1d0a5c90ec27417c018ffb87c5ffb8516b8e4462206d9f0713b02d2
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
23f0db65a5c9b867c2c4a790e3107ae9bb08f217961335b748e1655d5eb2b684
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
3c7d8fe201b8fa91a192799b3b2cb10841fed30682a702dab3649566392032e5
48e8b8dfe20b35b558b1570581f5434d02a83bfc5471e6afe5da097640eeb33b
55ab51ff2d1bb571f0c0fc88c31fb955ccb3d72cdf3fd574552b01d52b23a6c0
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
686af88332f40cff92c08d529280da00ca366c9123e30f31c8ade5fc567069b6
6d3a91f14897169a97557f02168e1a8f6f28e2b4c1645538ae8bc97e7d206c79
72a518e587c7609bc770fb1dc63f94d5d5b4b3b8df0d8d7096198cd76cec166e
78adb249a23b87fc92d7e317d9858e1d646a075a4eabd569f7acfc75ee8fc863
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d910d9161e735da1c0eb8d54f3793428c8bee33c049c02f02d89f0f757c1722
82ba1500284551ea3d0e4f99a753485efaf9de27d45fbe2989cdbca347d33c89
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8eeeaf48abfcb8c3a5ce3377a7e6d7b2dccb43a671a4e21b5e65d4b37ee57cf8
91021dbec61c631bc94066505def0edc4dd97adb82c777636e9612c8310f7533
91370ac944fbae0e7b0fd6af9c2b3a9899b0988b02b71741d80e2b59642e668d
9157a0680a3566a613b2af1f3b3e71c818664f3a7a9feb12d4ecc6941771e10e
978e77f36fa5fcc2df51ac178ecd8f330455d8080fe4633d3fec05acc3c285bc
99f1c26adb4221ce95fc90e9790180d83bcf8b3be30aad1f3f16d276246546db
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0b8b3a8f6ca7f9b338169d9538e22dae4830dcc333a80933e8f1975f395ae43
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c19e639b4bbac48cf05b883b63b986532b80e914e92d8e11cc45de207187c442
c36f7d520fdac8bc07a5bd0d7e1206a82b2e388f60c6529c41e81f3620aee84a
c7f3e3c02f75c3c4d165321558dacbdb804315160358babfbe1dfab72fec82fc
c87a7efb9ac07589c568a82302473b36338386965e8e6c32680d68c10c49bb84
cabc16eb80b2047c7bab4fc97177ac3f6d4e33682fa3b95048b1801bcd55cedb
cb80080ee311449d6be95e4445c1b635e9704e279aa2bde3d31f3f68d8855976
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
d62b5721cd0d09a2a2af962a54b6c2aaefd766994803e4da43ab141b47c7d9c4
db322eb6c380bc26a10702e784dc0ecb3e7729b14ce934d4dc3b652c5ae5cc81
dd5500f370133c1ea582c5114ffcbd1d71987eb4dcfc77cea7e259784dad267c
df564fded91c08d59bacab2a8d36cfe7647ef8f4a98fd30a10760b8b1e350074
e19a3023252123d470e7f214025b6385a46fa7effdb9b6c798a7e4fb454964a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45121e5dfe44e870d4bd8e28500c0a97404dc064fe44ad1fa68ec9a10462eb0
e538c09bf64f9e04bf11c4f72d23552f2c611c1c571ddd91a20dc5a3492d9603
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e870dd4b56843b01977c82ac956448f54eadb194b5fd7013331decbfb26bd056
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f458bab944181274c917c98707c522337f8a7d2c1279eedbb47551f1d1fc3464
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fcc65e8dccbbc9a608ed89dce066bf99bcfd2b54d35c46741f85e302266b6c91
fd2a752492b64050c772c50f5539a28ed106d2433945c04abb57e3fab1a83186