urlscan.io logo urlscan.io
SecurityTrails logo

heinemann.getbynder.com Open in urlscan Pro
2600:9000:208f:2600:e:eaa:5b80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.us.m.mimecastprotect.com/s/JlrBCNkE17H05jZpvhmfXFyqldl?domain=heinemann.getbynder.com
Effective URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Submission: On October 01 via manual from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 66 HTTP transactions. The main IP is 2600:9000:208f:2600:e:eaa:5b80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is heinemann.getbynder.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 15th 2023. Valid for: a year.
This is the only time heinemann.getbynder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.12 30031 (MIMECAST-)
1 19 2600:9000:208... 16509 (AMAZON-02)
31 99.86.229.97 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
2 3.167.116.18 16509 (AMAZON-02)
2 2600:9000:250... 16509 (AMAZON-02)
2 18.67.65.115 16509 (AMAZON-02)
2 52.16.7.101 16509 (AMAZON-02)
66 8
2    205.139.111.12 (United States)

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
url.us.m.mimecastprotect.com
19    2600:9000:208f:2600:e:eaa:5b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
heinemann.getbynder.com
31    99.86.229.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-97.iad79.r.cloudfront.net
d8ejoa1fys2rk.cloudfront.net
1    2600:9000:2509:c600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    3.167.116.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-116-18.iad55.r.cloudfront.net
d1ra4hr810e003.cloudfront.net
2    2600:9000:2509:6400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    18.67.65.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-115.iad89.r.cloudfront.net
consent.api.osano.com
2    52.16.7.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-7-101.eu-west-1.compute.amazonaws.com
sentry10.bynder.cloud
Apex Domain
Subdomains		 Transfer
33 cloudfront.net
d8ejoa1fys2rk.cloudfront.net
d1ra4hr810e003.cloudfront.net
2 MB
19 getbynder.com
heinemann.getbynder.com
358 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5726
consent.api.osano.com — Cisco Umbrella Rank: 10402
64 KB
2 bynder.cloud
sentry10.bynder.cloud — Cisco Umbrella Rank: 97697
826 B
2 mimecastprotect.com
url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 13108
2 KB
66 5
Domain Requested by
31 d8ejoa1fys2rk.cloudfront.net heinemann.getbynder.com
d8ejoa1fys2rk.cloudfront.net
cmp.osano.com
19 heinemann.getbynder.com 1 redirects heinemann.getbynder.com
d8ejoa1fys2rk.cloudfront.net
cmp.osano.com
3 cmp.osano.com heinemann.getbynder.com
cmp.osano.com
2 sentry10.bynder.cloud heinemann.getbynder.com
2 consent.api.osano.com d8ejoa1fys2rk.cloudfront.net
2 d1ra4hr810e003.cloudfront.net heinemann.getbynder.com
2 url.us.m.mimecastprotect.com 2 redirects
66 7

This site contains no links.

Subject Issuer Validity Valid
*.getbynder.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.osano.com
Amazon RSA 2048 M02		 2024-09-17 -
2025-10-16		 a year crt.sh
*.api.osano.com
Amazon RSA 2048 M02		 2024-08-27 -
2025-09-25		 a year crt.sh
sentry10.bynder.cloud
Amazon RSA 2048 M02		 2024-09-14 -
2025-10-13		 a year crt.sh

This page contains 3 frames:

Primary Page: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Frame ID: 9667CB257B1CCFD1DB73CA96C039F371
Requests: 56 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 412FDEDA326FD64701290A362AA99C18
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 20C63F55FB377F22F0F8433ACDBED8B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heinemann Publishing Brand Portal

Page URL History Show full URLs

  1. https://url.us.m.mimecastprotect.com/s/JlrBCNkE17H05jZpvhmfXFyqldl?domain=heinemann.getbynder.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/ofRoOaQ0QMLo28feDps2gg5BPyeGan4__e6EdFvwIzav60FMWlOXom8XAws29RUveombEYN-ty... HTTP 307
    https://heinemann.getbynder.com/waitingroom/view/BE3A0D73-4AA3-43D6-8D9CC78F5592E858/?access=0&accessType=do... HTTP 302
    https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

88 %
HTTPS

38 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

2114 kB
Transfer

6475 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.us.m.mimecastprotect.com/s/JlrBCNkE17H05jZpvhmfXFyqldl?domain=heinemann.getbynder.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/ofRoOaQ0QMLo28feDps2gg5BPyeGan4__e6EdFvwIzav60FMWlOXom8XAws29RUveombEYN-tyo00FZx-ReMS7hCE42rACGPciGeGfVxva--k0knFBPxQAwq4RdLymGjAb7nlNsfCAyoavwiNH_OMraHyTGPUAfGXXsDqyEKCcIgfIkuInsIuTazva2rItCMEl9sBkook4hKEVCqUW3-HCJFL4h95HVZlXv_uOP4aimDIZy2QCNgqkfP2galtkCnK1YoVpMFZjRVRlbct7lfvX-L9xE2Y9hb9HkpnWrSeCLQ3KK456Amz5XqMf_u0cFw5_UHW-7qTVB3zSmcd1zpEDXge-qGl-g62Gd04errN5R_clBL70GjVJfgcVA8--5jGKgz6nm8P5lq2Q0IxxsA0jQ27YxSJMi8Zs0QokC9aUpkpPLdipIwYUi4KdmEKQHHejs-yCoTu1Y3nlfTE7VCfbDbNPCtepIj1lrAKt_xuLdsVAMh_pAO5EdCoa2PB7uWK2CzE0dLqpsR4PfD2LnNlBZ-JWxNJJEEqJuqu5ZmnyDsvblRTZ8Fg6q3i__AicMPr6ldMDvrERvSbEscjcc3tDBobqnGPg0baVxKCr-2YbWG1mNEpYIGo-bevzAj-WmFuxy6oSon5jPqcz6NNmdd-_Kv5lcwlEtF7cWcXk5EdaW-jBk39RPYqGEmpoLffzV594uoRyj1NO0Ny8cg3dloSxZUEH7osRKB-7d-13hLXoqT01QA4t6gwAOkt6hVSv-60KzAhx2VEnAAjiKmLRbms0b8gMFkri-kTQ8E8JumPtQnxKm4InLhkm7PKB_acAd3MRGMNZMp9A44JBJZn2zsno_BPLFNab0UsRo0Bjpp23rga13bTWZ9VpBZ9aclUGhzcQD35Sf7Usizj2jh1b5mX8AaJEo0_3gNDrMFFthyHGy0bzdKC7Hu-7l-ISUhfV_xgDAFfIwUC0ZCVEOQveXsYtBxk9NiJ5idCPf0rnRkOvURvZDi5vZSuK1lfbqY6y6VMM8chJ5tk1ar-H0StVnmfAVG-iQ5Hd6Obm2fXCEwjhvvSp_prLLH7GSveH20sqTxToGExobO8bFTYyPolENFlOnkPpAxaLbgn14Tm7gutEF54XlvWZBXTVYLF7Sx-7XSf0MtvEKY25NdomTWfJbjqNjMiOVZOxZCdEMaFXWL2ZFshweRfkzyEZ70va2zNyaVRrZKcBCcMgE7OVUvxdzXBUW6oo4OvqP0RmxK5i6XBR8DfXpf3vcFuNOtwj4OxWtrD159VLMhmtkxNSFZMp1b76PtEnyczbVA6ixoUkGCkaBsqnCy8ODMmdBS6heGh1Ou-M3vxiHSl2UYfTN29RmkAfjp3qKkvOSvE0leldeS47z3m3MbiTYS_QjjarCO5uKSHu4VBd5NNd0s9IpWLcHRTG4rHMaqcldKq4LEdrx8abQEP9lT4Id9JuItPfVUa0zuJyCxjLouddOORDE0BMqCBd6QHRBkGC7dIraE6euQaUwN1VDmwxvCaw_wform4BqtPgvqw0yQDYOEkPqhvS7S6yhnlxL-eBUXqmT-CnSnUTiVVF-vFMLXLahiYoc5ipsdGo-RDK9YSiZPmE3en7E1SwsGLOzzAQmepGLL1qSzuD8iJFx904rTAmqkmLjlwohoSp6Tc9ac1A_AIMgPrUTqSMZAREvHQYsA2CBIIobXzWCrjFo-B9ygLSOlGsnCa4pFU8V2UPYUlQJJEsh_A9e_luAa9se6dgw64A5yCHnzLd7sLakpPvSAfbDs23dQxlzl HTTP 307
    https://heinemann.getbynder.com/waitingroom/view/BE3A0D73-4AA3-43D6-8D9CC78F5592E858/?access=0&accessType=download HTTP 302
    https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request FE9C5129-7C2F-43C4-81BB4812424B7C30
heinemann.getbynder.com/login/redirectToken/
Redirect Chain
  • https://url.us.m.mimecastprotect.com/s/JlrBCNkE17H05jZpvhmfXFyqldl?domain=heinemann.getbynder.com
  • https://url.us.m.mimecastprotect.com/r/ofRoOaQ0QMLo28feDps2gg5BPyeGan4__e6EdFvwIzav60FMWlOXom8XAws29RUveombEYN-tyo00FZx-ReMS7hCE42rACGPciGeGfVxva--k0knFBPxQAwq4RdLymGjAb7nlNsfCAyoavwiNH_OMraHyTGPUA...
  • https://heinemann.getbynder.com/waitingroom/view/BE3A0D73-4AA3-43D6-8D9CC78F5592E858/?access=0&accessType=download
  • https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b2dcef7c696e2577e2582dfced3612cf221c6ee3026c0e446982c821b3bdcd85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
13371
content-security-policy-report-only
default-src 'self'; child-src blob: https://*; connect-src 'self' https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com https://fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net https://apiv2.webdamdb.com/oauth2/token https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com emrays.production-global.us-east-1.bynder.cloud https://dam.emrays.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; style-src 'self' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com bynder-static.s3.amazonaws.com fast.appcues.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; worker-src 'self' blob:; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=638cfd1ab10c78c179140416b9893c0e
content-type
text/html;charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Oct 2024 15:54:44 GMT
permissions-policy
camera=(), geolocation=(), microphone=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
x-amz-cf-id
QOPu2UNwxKrZnFsk6IxcdPS9Tvmoh3AuG4mpeRWEw47mghuhDgNVDA==
x-amz-cf-pop
IAD79-C3
x-api-correlation-id
8a798c89-304a-3ded-6952-1edd6c1aee6b
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
content-security-policy-report-only
default-src 'self'; child-src blob: https://*; connect-src 'self' https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com https://fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net https://apiv2.webdamdb.com/oauth2/token https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com emrays.production-global.us-east-1.bynder.cloud https://dam.emrays.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; style-src 'self' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com bynder-static.s3.amazonaws.com fast.appcues.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; worker-src 'self' blob:; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=638cfd1ab10c78c179140416b9893c0e
content-type
text/html;charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Oct 2024 15:54:43 GMT
location
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
permissions-policy
camera=(), geolocation=(), microphone=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
x-amz-cf-id
wJewX0uUPV5yFSBoseqeRtqsimLXLLqYqx3nvGby9ZLOUi90SZGEug==
x-amz-cf-pop
IAD79-C3
x-api-correlation-id
ad088e72-3430-8f4c-51f3-b808900c8295
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		131 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68e65784b68b529aefc3eb6a547ab0d517ccb63c8703b0810d11997181d36b07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
KfT2CnT_VpXDTjCeIWl37loyw1zJgBVr
etag
"5b2b1a70f05bdc1020e6c98688e176b2"
age
35260
x-cache
Hit from cloudfront
x-amz-cf-id
Yn0ur0dt-dewaQjhBuZUFbufJJ12dsKvPgebpMHUIptPHEG_l0mSEQ==
date
Tue, 01 Oct 2024 06:17:40 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:29 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
29248
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
0294EE4C1A991B27CCE161ED40239281.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		130 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4027edc5d49bedb15afe0ab02dd3de9267f2ce9128ae93a9f23040d79f830c34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
3JFBWTjzWMRcjnx_MbmhMgzfKYLIDbkz
etag
"d8c537c55720a07cf0034f218391f004"
age
28626
x-cache
Hit from cloudfront
x-amz-cf-id
7eRT0vr9fKytiMJRNURKeNCEKitHJgOcg4EHP0aNK66mxXmudz7tyQ==
date
Tue, 01 Oct 2024 07:57:39 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 07:30:03 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21057
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
6B504BB1E819FC3843C3601464849CC5.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		213 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/6B504BB1E819FC3843C3601464849CC5.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c02637f012a55337a98340ad2bd2e0e4e26d517b71e4a0277599e0a368d91f64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
hZILiPU52jamFl4QWZVl454159194mkX
etag
"a5ffede2de9dd4d514bf65d41a04eba6"
age
36468
x-cache
Hit from cloudfront
x-amz-cf-id
DrKkOwTX7ZasUgjHDSn5VEY4hMJ7G3RrPslmoqsmvbrhGo60yjVQDw==
date
Tue, 01 Oct 2024 05:46:57 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:35 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
36319
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
C1D29CACE50F47382F911F71B9D19FC8.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		124 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/C1D29CACE50F47382F911F71B9D19FC8.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f172602830c4f48662b300496e34453bd8d04195cea1766bccd9650ed5287e6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
kw.2946_6agYoAM75ge3FjmrYzEV509y
etag
"3fd5db4ce17449a5c4c39cf7e209d80d"
age
21849
x-cache
Hit from cloudfront
x-amz-cf-id
wRIhsqN3gwGJV0OePs9TJrLCTmAcO0_8vVJ1Hbp4QHK2KZTybIeaqQ==
date
Tue, 01 Oct 2024 09:50:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 09:50:04 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17360
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
7758D113B6F9A0A9A63861EF2570C822.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/7758D113B6F9A0A9A63861EF2570C822.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ed50b57a8edf003b0606c80592755850f2458551afacad8529e7101daf7dafe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
62JOKw0KiPVh7lb7kOpZMw9EIv1FCHxT
etag
"b433f604449d486751667758c11cfe29"
age
29744
x-cache
Hit from cloudfront
x-amz-cf-id
vjJdl8fi0u0LZPy72ce9V7AqCpkJ32oNzOLmB0J5Tgc8nLgZGiTYKg==
date
Tue, 01 Oct 2024 07:39:24 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:34 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1871
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
4EDD0D4EF0416DEF0DDCF09724BAA977.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/4EDD0D4EF0416DEF0DDCF09724BAA977.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a9e4bbd48d8e8197d3a5845bcda647c3084427b02fd367a935e51b5b14b57c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
9lD8t92cZUNNtoLKw2UKuPuBJuCMVtEn
etag
"7d6a3e272b95ca542580a63aa0ce2649"
age
37180
x-cache
Hit from cloudfront
x-amz-cf-id
CHdC0lzPLBBEvM0hp5-sSM4MAQgU1nBF9MV5nl7ldeJ1s3uXGSYACg==
date
Tue, 01 Oct 2024 05:35:05 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:36 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4748
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
EA922F1D9DF203430716BAE997C10655.cache.css.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		53 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/EA922F1D9DF203430716BAE997C10655.cache.css.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3bd99d5c741cab9f0946ea1d69514f3262a3ac119175901d218b0fd6d7c16c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
Q3pbpAADy4sY.w2.DXKQoDDfcs1MEpoJ
etag
"20e09311577e32c704dea4e0d5b42a83"
age
36444
x-cache
Hit from cloudfront
x-amz-cf-id
1a6HDg9rzjRTblo2M4GAaLXGvSsXQOvYVvgpWH57odLu1MxAXQIj7g==
date
Tue, 01 Oct 2024 05:47:21 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:37 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8394
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
cookieBanner.css
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/bynder/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/bynder/cookieBanner.css
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41478634a192dd03a19208b7acf26ac815cfcd67294c607ad63ce4682203408b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
x-amz-version-id
Sa.gskd56VNdqdi8r7wAPSYOhf.fDq9F
etag
W/"2e1796e9eaf607496fbf27e4957fa580"
age
1346
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
M5rdJmMfxw7esrcZl6N1lMuj21UofGudCH2Atn8E8CpqRuly9smy6A==
date
Tue, 01 Oct 2024 15:32:19 GMT
content-type
text/css
last-modified
Tue, 01 Oct 2024 15:31:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
notifications.css
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/styles/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/styles/css/notifications.css
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebe6051f082044e63bb1411320cc92e23572dc55686fa040ec3e06c8f381a01f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"569b85655225559f6e3d66d8e660c704"
x-amz-version-id
GEfl.Z.KEqHPa4e7H3eSqi020VFiC.6x
age
36513
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Wf-o3-HhIWXM_W1TCDcoEQlqfJg08EUZX8jxjopnW8sl-sM3Jq3LoQ==
date
Tue, 01 Oct 2024 05:46:12 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 13:08:27 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
/
heinemann.getbynder.com/v7/portal/theme/ 		208 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/portal/theme/?format=css
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3d8238732317f9becdbbd27d582532258a5ad1b307ebfa85fb38578b65bbe16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
11f0dc5c-8ef4-72c2-e5c8-6d1c8e3ef217
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-cache
Miss from cloudfront
content-length
208
x-amz-cf-id
aQVSY5O6lUS79op8aaNuT0kSXlT4ShdLBTT5UyyAk2rK0ZHqAdLdqA==
date
Tue, 01 Oct 2024 15:54:44 GMT
content-type
text/css; charset=utf-8
x-amz-cf-pop
IAD79-C3
server
nginx
x-frame-options
SAMEORIGIN
custom-heinemann.css
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/ 		102 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-heinemann.css
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b528b03ad9a49e1e903dcea2920bc8e16229bd62146e108e24371fc60f8bf1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
x-amz-version-id
sjbZeT3iH3wxeMDhRzK5wZEGNApFH1Gz
etag
W/"55aac363b371915fb9b2c6e65afb3173"
age
983
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Li2vgcD-7gzeoBBgmjUjD_XKkEBFLgaAAHAwwtHYvwdY1kP6yFVKVg==
date
Tue, 01 Oct 2024 15:38:21 GMT
content-type
text/css
last-modified
Tue, 01 Oct 2024 15:31:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
font-awesome.min.css
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34840dc6a2f2378b1b2dfd92147f7a3bbf2d6e1c17941e3a6549f9d8499ab191

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
x-amz-version-id
4UDlA1tJ5cFFN.N8FH7ydnqCFzZ.EIQO
etag
W/"11561142ddf4044e4897a29bd23df349"
age
1346
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1uczwcI3jbsfL6As0_YQgVad-WJfvfkxKuvr6MMUtEY7J8gZxrxbxw==
date
Tue, 01 Oct 2024 15:32:19 GMT
content-type
text/css
last-modified
Tue, 01 Oct 2024 15:31:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
/
heinemann.getbynder.com/content/captcha/F19112C6-932A-4518-B38C8C215C3AC29A/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heinemann.getbynder.com/content/captcha/F19112C6-932A-4518-B38C8C215C3AC29A/
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8f69e4b678d651dabb3629f25326d63c24ffcc7aee297420c452bb43fa2cc873
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
hb4phF_7LhZ_hljlA_0EdTIkXUweYffXlzv_Wc6NHC4l1MzsmRpqUQ==
date
Tue, 01 Oct 2024 15:54:44 GMT
content-type
image/jpeg;charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
bc14517b-5a4c-4bc3-cf4d-69e19986adbc
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self'; child-src blob: https://*; connect-src 'self' https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com https://fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net https://apiv2.webdamdb.com/oauth2/token https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com emrays.production-global.us-east-1.bynder.cloud https://dam.emrays.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; style-src 'self' 'unsafe-inline' https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com bynder-static.s3.amazonaws.com fast.appcues.com https://cmp.osano.com https://consent.api.osano.com https://tattle.api.osano.com https://disclosure.api.osano.com; worker-src 'self' blob:; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=638cfd1ab10c78c179140416b9893c0e
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
osano.js
cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/ 		242 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:c600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
419db76032a46b27efed7925ccb2fb024f3eae5537698e3eebf30deda295c209
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
br
etag
"c371d385916d6d504c340a91682659bc"
age
14206
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
_FziNDxFwCUphCLgMcMVqmbG3OYtysw6qaeXHPOWQq1l3aH44ESsfw==
date
Tue, 01 Oct 2024 11:57:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Sep 2024 09:35:53 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 4685cae701bd588fa0176a1c8b1e52f4.cloudfront.net (CloudFront)
content-length
64040
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
CloudFront
09ACE7759A52A72EEF5AC17674573E51.cache.js.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		2 MB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/09ACE7759A52A72EEF5AC17674573E51.cache.js.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4c0184d3744e8d3728dc7400a38258c39dc99aa5e18bac05879bc1c5b54484d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
etag
"5deae38662309289f89783506e0d6800"
x-amz-version-id
J6cnKWjrqHTMa9C1PKaz_ABZTxcQW29P
age
22995
x-cache
Hit from cloudfront
x-amz-cf-id
Xf0_pBawYLZow62RIXZeNITzKI9HKQ0niKMm1qErDxn_YQs1gwddjA==
date
Tue, 01 Oct 2024 09:31:30 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 09:30:47 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
440936
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
require.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/requirejs/ 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/requirejs/require.js
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6399de63c99f7311d2c2c603b19ad1d7f354119659bf362c1dbd4cd2eb6d019

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"6da8be361b9ee26c5e721e76c6d4afce"
x-amz-version-id
okPw0SS3PCWmH_QGX6G5B9WoheKiz6VA
age
27192
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KpwswUzdM3zgakgCv9Ws_uACMHKRl4-TJzgz827I0r-ldhSAmBsu5Q==
date
Tue, 01 Oct 2024 08:22:09 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
8A00CED7CA3361060476D12C1E8CFA85.cache.js.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/8A00CED7CA3361060476D12C1E8CFA85.cache.js.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2a9e09ea1d8d05929c70122f32a60e6141f314bd3ab276280c89377ea94c013

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
x-amz-version-id
u3i3up.DDyhMUywLZ9yHvspDCA2l8XQw
etag
"b813d9e878efa8dad998e2e6aceae5fe"
age
27170
x-cache
Hit from cloudfront
x-amz-cf-id
T342S0EyfiNjdLcitOBuJ4fQgrD95uCamnLGkRZ_a3iuJjRPiMMoMA==
date
Tue, 01 Oct 2024 08:22:09 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:23:39 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8508
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
jquery.history.js
heinemann.getbynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
gYzUKa4-GPIefabVWOXcbQZDOG7O44xpuPvJljaBbymkwEmZnPWqxA==
date
Tue, 01 Oct 2024 15:54:44 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 13:30:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
66bc2c74-b71e-dceb-9e92-066b3a2a9cbf
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
content-length
6764
x-amz-cf-pop
IAD79-C3
server
nginx
components.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/templates/ 		103 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/templates/components.js
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d616edf49ca679dc0000cabce2cb63f3035c7618db6f15238097f1135a4b0472

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"7e046934c89202456cb27d06ae171483"
x-amz-version-id
Q.XPxZylSqvTXb2DQP0TUBnKvJ1RJaLq
age
30226
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
0uuiBYwgr8lELWBPSOYuXlp6woP-rGfkpWk0wVEMcHjjJsdqinxAVg==
date
Tue, 01 Oct 2024 07:31:30 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:27 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
584802DEA0CE2BEB2893C8946F315222.cache.js.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		536 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/584802DEA0CE2BEB2893C8946F315222.cache.js.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481b03dc196a1d57481e3eb48fdb2ffb4e125df1117cb2d4d831e4234dbda1ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
etag
"64f4f4b9e974b51d35326f047392c639"
x-amz-version-id
PYc7utS3_fOVrDGzzqS3AO1hBW08.NP8
age
11323
x-cache
Hit from cloudfront
x-amz-cf-id
Df60t-RO1s9iqrNTecRkGu4xB25nbeTZMlKGF5J_3VIcDA2HdIe19w==
date
Tue, 01 Oct 2024 12:46:02 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 12:46:01 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
128203
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
4BC8BBB3F9549FDF9A7B5D0259AAC722.cache.js.gz
d8ejoa1fys2rk.cloudfront.net/static/ 		463 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/static/4BC8BBB3F9549FDF9A7B5D0259AAC722.cache.js.gz
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e121915c8cc096c75d9eca9536b06b34cc989cdea3c9a3fcdd9b441b86c12f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

content-encoding
gzip
etag
"30e684360bd61a8a184779c72310ce0f"
x-amz-version-id
tyMVSLbO2.EnrgM_pJB1uMFUsImwVrUG
age
22995
x-cache
Hit from cloudfront
x-amz-cf-id
uog3P_qKFk7HF16Ky1XIfgHgeajm6mjw43VwH7WJEOyt9dgs2NklhA==
date
Tue, 01 Oct 2024 09:31:30 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 09:30:59 GMT
cache-control
public, max-age=86400
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
104230
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
app.bundle.js
d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.85/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.85/app.bundle.js
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83b3d41c87f77880e6fc47dbfcad326fd84fe4ee9fe4076a0e53a52b20939a85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"680419c7b7e1288882196577c2b17b44"
x-amz-version-id
1q8owrOwH7fdLBNu42LT7kCh5QtYJLyT
age
27170
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TRmasDGilSnjk5aP4jm3xo3MzI5e_PmZu97n_E6EZFgVpRkF8EvfuA==
date
Tue, 01 Oct 2024 08:22:09 GMT
content-type
application/javascript
last-modified
Tue, 25 Jul 2023 08:01:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
xmedium-E2D2F7B3-381B-4582-AC22F51143878BDD.JPG
d1ra4hr810e003.cloudfront.net/visual/accountbackground/48641F8D-3234-463B-9C419733B531C699/ 		566 KB
567 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ra4hr810e003.cloudfront.net/visual/accountbackground/48641F8D-3234-463B-9C419733B531C699/xmedium-E2D2F7B3-381B-4582-AC22F51143878BDD.JPG
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.116.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-116-18.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13fb54cfe52eb62dbd1d41de2a9c1d2009f6bc8f95d9693c4bbfaab4140df3ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

x-amz-cf-pop
IAD55-P8
etag
"b7a48eccb935fa1f39351d73d8664837"
x-amz-version-id
null
age
2423299
via
1.1 472d0d56eebf04200b994d89c556bce0.cloudfront.net (CloudFront)
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
579918
x-amz-cf-id
mD9C3cHSfRxcjo5xXzNoVXvy9gQ2c7RCGNCg7buEabTIJgDB7K3ZuA==
date
Tue, 03 Sep 2024 14:46:26 GMT
content-type
image/jpeg
last-modified
Fri, 05 Aug 2016 18:37:30 GMT
server
AmazonS3
content-disposition
attachment
language-icon.png
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/account/globus/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/account/globus/language-icon.png
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-heinemann.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56e074e1eb75a44f89bd84abf1f39d8aa56d2eac76a78d199fc7a2ceb1ce0ac2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-heinemann.css

Response headers

x-amz-version-id
OnKmKNmh92CYFCjybqSiCpnzg13EPvEO
etag
"0c68507794884c5f62d147572b6d270c"
age
1156
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2980
x-amz-cf-id
S85hZHhpFuRYghSM5oQ_H_C2JNW3mrKLzCTmV0AxRWCkGKXZHiHvzg==
date
Tue, 01 Oct 2024 15:35:29 GMT
content-type
image/png
last-modified
Tue, 01 Oct 2024 15:29:40 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
medium-12971E5A-94D6-46A7-BAF8F31A656F1AD4.jpeg
d1ra4hr810e003.cloudfront.net/visual/accountloginlogo/48641F8D-3234-463B-9C419733B531C699/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ra4hr810e003.cloudfront.net/visual/accountloginlogo/48641F8D-3234-463B-9C419733B531C699/medium-12971E5A-94D6-46A7-BAF8F31A656F1AD4.jpeg
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.116.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-116-18.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cd72ac59ddbef97b0d9941a655d339fcf30232f911fac75e105a7bd7ad371ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

x-amz-cf-pop
IAD55-P8
etag
"64d55b5239106e30edcd80da9d0e195b"
x-amz-version-id
null
age
1110978
via
1.1 472d0d56eebf04200b994d89c556bce0.cloudfront.net (CloudFront)
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9470
x-amz-cf-id
iaiAPzY-bdbakyJ1uPWp54uLdjLi7GWS8hFxI3p5OreSHattVdZUXw==
date
Wed, 18 Sep 2024 19:18:27 GMT
content-type
image/jpeg
last-modified
Tue, 28 Jun 2016 18:06:01 GMT
server
AmazonS3
content-disposition
attachment
fontawesome-webfont.woff2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heinemann.getbynder.com
Referer
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css

Response headers

access-control-max-age
3000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"af7ae505a9eed503f8b8e6982036873e"
x-amz-version-id
oI4bd5.h2eL3r5R9hKwP9tqWl.Y9Mr71
age
983
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
yke1zR9QBeRMkWMAsS-GJek4LOHfDI2EfjdO_ZmZ0TbYjl1FFHuvXA==
date
Tue, 01 Oct 2024 15:38:22 GMT
content-type
binary/octet-stream
vary
Origin
last-modified
Tue, 01 Oct 2024 15:29:34 GMT
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
OpenSans.woff
d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/OpenSans.woff
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c894172c6793664e6fc76f93b19594c8af687a278c50ccfff739b595cfc73ace

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heinemann.getbynder.com
Referer
https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz

Response headers

access-control-max-age
3000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"120706a54f83be203841d7b981aeeaeb"
x-amz-version-id
null
age
72484
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
2VFl_-rjbBW4RED1gmz5hRFQ2Bo_aooMjy638FaVmOkwJ1-dijT2Ow==
date
Mon, 30 Sep 2024 19:46:41 GMT
content-type
application/x-font-woff
last-modified
Fri, 15 May 2015 11:24:11 GMT
vary
Origin
cache-control
public, max-age=31536000
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20188
x-amz-cf-pop
IAD79-C3
server
AmazonS3
OpenSans-Bold.woff
d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/OpenSans-Bold.woff
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
894a7b86bb548ade306c2fd22825ce9e1d16349a6d8bf32cd3cb41256493a67a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heinemann.getbynder.com
Referer
https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz

Response headers

access-control-max-age
3000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"ade5aabd5a19c353bbbe1d39f4276ed3"
x-amz-version-id
null
age
72484
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
zwoyF68QfeG7Uv8SOi1MGB_Myw7j4T_ln40uZOUfoU2FHA8_s1BQvw==
date
Mon, 30 Sep 2024 19:46:41 GMT
content-type
application/x-font-woff
last-modified
Fri, 15 May 2015 11:23:44 GMT
vary
Origin
cache-control
public, max-age=31536000
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19920
x-amz-cf-pop
IAD79-C3
server
AmazonS3
OpenSans-Italic.woff
d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/includes/css/fonts/OpenSans/OpenSans-Italic.woff
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a034a5550de26e4e1fc870ebf4ad19998dd146957820b6da965231c4674e416

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heinemann.getbynder.com
Referer
https://d8ejoa1fys2rk.cloudfront.net/static/0294EE4C1A991B27CCE161ED40239281.cache.css.gz

Response headers

access-control-max-age
3000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"3892926b46738a7510f7c4007213cbb2"
x-amz-version-id
null
age
700032
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
BjKWQQXiYsD6l1ET7xyC49ZOk341lK4x4W-YvJOM6ob7SA7sXT0MZA==
date
Mon, 23 Sep 2024 13:27:33 GMT
content-type
application/x-font-woff
last-modified
Fri, 15 May 2015 11:23:55 GMT
vary
Origin
cache-control
public, max-age=31536000
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20864
x-amz-cf-pop
IAD79-C3
server
AmazonS3
2703fe4c-f07c-4865-b2d3-281238d9034c
https://heinemann.getbynder.com/ Frame 		0
0
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
manifest.json
heinemann.getbynder.com/v7/paramount/js/ 		58 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/manifest.json?_=1727798084656
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/static/09ACE7759A52A72EEF5AC17674573E51.cache.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0eb350a619d57473efdb72eefd304cd0c69946c2ff566008c922a0ae0b529621
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

content-encoding
gzip
etag
W/"66fc04dd-e8ea"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
vg25zf7jpxKxOGi7BzWgUwy2NAQljBEHsrk4jBYwFfCQtX1trTeXbw==
date
Tue, 01 Oct 2024 15:54:44 GMT
content-type
application/json
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
b1ebb37f-00ef-1462-bdf3-18a089c27bd0
cache-control
no-cache, public, must-revalidate, proxy-revalidate
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
915f2422-cccc-4b3c-8eb2-76485a97ce3f
https://heinemann.getbynder.com/ Frame 		0
0
2cb8fc69-14b6-4a61-ab38-5eddda1a65f7
https://heinemann.getbynder.com/ Frame 		0
0
/
cmp.osano.com/ Frame 412F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:6400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heinemann.getbynder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
22929
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 01 Oct 2024 09:32:36 GMT
etag
W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified
Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 98b2021a1a69853671ec2390cb8757f0.cloudfront.net (CloudFront)
x-amz-cf-id
OmetURTzdp3JCqgvLtPZgHxkSAPTezEoDDLU5PpUI9xFE_rlgn4lKQ==
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
requireSettings.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/modules/base/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/modules/base/requireSettings.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0524e0704b40f329217a369851e7810219f089d3a5f9be70e25b20ebe68ac080

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"1df6481f90a25ec7cc10619b1fbc4050"
x-amz-version-id
DQjDMHHWygJLoW3NM1EeGVAmRnElF_IS
age
33163
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zjEC5dA2lB6n9IIbDYOAFk-HCU3vVfLgTRq2IPcjj1pSMtqH--I77g==
date
Tue, 01 Oct 2024 06:42:02 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:26 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
raven.min.js
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5dc2422f4c771af9c04b8551071b818fbe483f989f64ac64c5bab75e2eb9eb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
x-amz-version-id
3luSLsiSI.TDCTS1SLNzFLacssRkCw7S
etag
W/"31f5119987a4f726dfadef2b7582f453"
age
1345
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
oZoxN7PuYdRc8xdoJODdZdH03GuP5M5RVeaEtAZJwnhu2Szezjlgzw==
date
Tue, 01 Oct 2024 15:32:20 GMT
content-type
application/javascript
last-modified
Thu, 08 Jun 2023 10:31:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
app.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/app.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44969f708425d55d396afeb7a3d680ca5526b35b526ef20a283c0799327344bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-2e8b"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
WTJZp15g-Tdq4aev558D5AU1kukDktX9TB2xtPkPN0k4SOXvcldiqg==
date
Tue, 01 Oct 2024 14:46:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
092e0698-b4a4-92ba-94cc-d218113e4cb8
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
/
heinemann.getbynder.com/transferbox/initialize/ 		16 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/transferbox/initialize/
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/static/09ACE7759A52A72EEF5AC17674573E51.cache.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-CSRF-Token
adb1a9aa3149918d75fd57846e9a81b463ee1504
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
vDVMUZf3VyffUFgz5FEWzYBSXTjy7-mVRGC-DLJ5Elhhiyr1DUMGEw==
date
Tue, 01 Oct 2024 15:54:44 GMT
content-type
application/json;charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
44e1b894-da3c-0c41-4d96-aa69011ac401
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
content-length
16
x-amz-cf-pop
IAD79-C3
server
nginx
3137.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		689 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/3137.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a50f860bb64266b0685ca64977774c435563735c856d0d6e07fa0d0b29a0484c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-ac25e"
age
4101
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
2jFmxHV1vcAjfqI1MrulJUiZ7iShN3FTxPJ6c6j-SjoKn1tRtwJPUQ==
date
Tue, 01 Oct 2024 14:46:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
9b4557f3-561f-04df-5c59-f81d86015060
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
paramount.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/paramount.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
baad2895dd55836867e49c4e9098c54b8e522f22bddaea2166204173c6a3add4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-b1e8"
age
4101
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Flcdxpmnh8zMcXscz5Y2r_IeicrT-BLdWnuSByrKrk_Ldzvq-zT0GA==
date
Tue, 01 Oct 2024 14:46:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
46ed80f3-7ca0-330e-35bb-2554cc6ebe74
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
430838a0-88de-4f84-87df-46294c12cc11
https://heinemann.getbynder.com/ Frame 		0
0
14ab4bcc-157f-43d7-9b3f-256f64b409ed
https://heinemann.getbynder.com/ Frame 		0
0
8a8384ab-95ad-4294-b51f-86a82c715036
https://heinemann.getbynder.com/ Frame 		0
0
0c4d14ae-9790-48f8-94b7-db4b8fa24e7f
https://heinemann.getbynder.com/ Frame 		0
0
dsf.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/DecentStringFormatter/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/DecentStringFormatter/src/dsf.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49bb03efbcb94520720a6136f6b71e4e37cf5b3650cfd1f4eea800d416ae7d71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"7657e4cea36b3f539945dd6806a778ee"
x-amz-version-id
08Zp.hZL.KJC0Wfy.UxXpnYkMac7R6oo
age
33163
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
qZC48Dqtp-czDgGiD6tPltI2ILMYYw4HIYP8m36px2rAo5oeVue_Cg==
date
Tue, 01 Oct 2024 06:42:03 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:24 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
jed.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jed/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jed/jed.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95fc8c01bd0cdfe47385582bdaa421848416bdf8a4331e5c3e1eeced4fb08d76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"82f2c0a78039d8744e5f77402dc2313c"
x-amz-version-id
SGXtWcB9Wy9pRf2gEuyjSr6t2qUqLtfn
age
14896
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
wstynWPgrcrGsWMBo5AxAsyuicPdALTXRaWzOpCDSeUEkw3_QMAo8Q==
date
Tue, 01 Oct 2024 11:46:30 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
runtime.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jade/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jade/runtime.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7787572213937cd403fb20ee5e8059f92b3169faae669bfb1c56309f868586b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"2a0eb3480991e8458fa6da469774bd78"
x-amz-version-id
t6o8EuGDc6wuBn.PUl3KsgOHNmKylPGm
age
26771
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tJGFzLO4pEpJEkBeiIzH4d5wKQfxWGGjhyj9_QEVFbgv5nRwhYnWhQ==
date
Tue, 01 Oct 2024 08:28:35 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
jquery.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jquery/dist/ 		279 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/deps/jquery/dist/jquery.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"12e87d2f3a4c8b347ab13a0764d420a3"
x-amz-version-id
f_j3QM0vA2bXDhYmWztCYY_GTYJSjMsR
age
36510
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
rkvd1ZixPWODFzK9pU1fZY1dwxJ9ZC5EyaGGfVkOskZFsvS2ScU32Q==
date
Tue, 01 Oct 2024 05:46:16 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
/
cmp.osano.com/ Frame 20C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:6400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heinemann.getbynder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
22929
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 01 Oct 2024 09:32:36 GMT
etag
W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified
Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 98b2021a1a69853671ec2390cb8757f0.cloudfront.net (CloudFront)
x-amz-cf-id
OmetURTzdp3JCqgvLtPZgHxkSAPTezEoDDLU5PpUI9xFE_rlgn4lKQ==
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
record
consent.api.osano.com/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-115.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heinemann.getbynder.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amz-apigw-id
e-ky4HQUIAMEBhw=
x-amzn-trace-id
Root=1-66fc1b45-183c4935537754c6555f1fd7
access-control-allow-methods
POST,OPTIONS
x-amzn-requestid
f56a5879-a7bf-48a2-9d5c-64efca12b9ca
via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
nmrac0zdafHe3RTZl7c9QhHMo4zhenT2ATyy9m3eouPtXnnDWJxLAg==
date
Tue, 01 Oct 2024 15:54:45 GMT
x-amz-cf-pop
IAD89-P1
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-115.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heinemann.getbynder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 01 Oct 2024 15:54:45 GMT
via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
x-amz-apigw-id
e-ky3GJxoAMEbUQ=
x-amz-cf-id
ypPrMoK-wuyEBrFednuIzXoq0iS6mNgc2IlKBhcW4kFVo8M6F8i6EA==
x-amz-cf-pop
IAD89-P1
x-amzn-requestid
6f8027ba-d4b2-4f75-9aa9-e684a7cea130
x-cache
Miss from cloudfront
3da37042-db22-4562-98d5-2cb94c806d4a
https://heinemann.getbynder.com/ Frame 		0
0
main.js
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/main.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2033e039ebbcdec13082d60da6f4f1f400d881f54423cbe391888e55f1e6f787

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"02eae97c6a4eea2b4db0c596361d22af"
x-amz-version-id
Tnkbyao0ra6qA4G_bCDbrvHAamNBWAA0
age
35239
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BbwjGdI9Qo87-tuJ2MF3UBowPKJ9t1P1BbSMdfk02qXLWTTGR_D7dQ==
date
Tue, 01 Oct 2024 06:07:27 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:08:26 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
/
heinemann.getbynder.com/v7/localization/keys/ 		125 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/localization/keys/?module=pybynder-frontend&locale=en_US
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/frontend/0.1.367/scripts/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f0a45e202b6149509baaa6e4298d72213403c46bd9a1a0c43f9e78d826052aeb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"f0a45e202b6149509baaa6e4298d72213403c46bd9a1a0c43f9e78d826052aeb"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
vVB5-A3XYXMgszHchVNHDhYqRTit_jKQ4tXdnm-EMWw_hA1CfuC1BQ==
date
Tue, 01 Oct 2024 15:54:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
0a42b8cd-9b83-9eb3-3f98-4ad99b40d8b1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
/
sentry10.bynder.cloud/api/629/envelope/ 		2 B
393 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/v7/paramount/js/3137.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.7.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-7-101.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://heinemann.getbynder.com/

Response headers

access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
Connection
keep-alive
access-control-allow-origin
*
Content-Length
2
Date
Tue, 01 Oct 2024 15:54:45 GMT
Content-Type
application/json
vary
origin, access-control-request-method, access-control-request-headers
Server
nginx
df-26.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/df-26.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c27caa72381490ebbfe49a7f3ea9804450d685a458e2099621b5d1b13de0b612
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-2398"
age
4101
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
60KyKP0PFt84bnyntT_jxVrqnyCyBNPiWELVzsi3bqhroUELTU-mTA==
date
Tue, 01 Oct 2024 14:46:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
edd4cab7-5fbc-6623-e957-4737c80a5132
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
bynder.ico
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/bynder.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c155addbc033505bf4fb41f0f0da414e3c96e8aeee04457392bfe6712ea3822c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/

Response headers

x-amz-version-id
0SguHFF_EHXNuH9oFIdXM1bhbL.On56c
etag
"b92d9eb98a69e843b9db1da0e4c350ad"
age
1346
via
1.1 55e412eec3baebe47cd72947531b5c5c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1651
x-amz-cf-id
ji-2gA9iz3aUrPi7DFyNPIX4i2J4SqeIkTON61ion8XFrlD7oEixPA==
date
Tue, 01 Oct 2024 15:32:20 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 01 Oct 2024 15:29:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
x-amz-server-side-encryption
AES256
5333.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		222 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/5333.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
55aee0da73a8ca0f60085ca0a3f5ee5fbb8e8c88674097fadaa17e73ae740bca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-3789e"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
aur4ZsPTdglHTm_M8cExOZ0UV4rcUIY99QUADfClWFpa4COxtIs-lA==
date
Tue, 01 Oct 2024 14:46:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
3af2bc5e-580d-65e1-4e23-ef13efc4dd71
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
custom-translations
heinemann.getbynder.com/v7/portal/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/portal/custom-translations
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/v7/paramount/js/3137.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b0be02d3701bbdb4b5f7aafd2ccee6305324884cc39a9c383ddfdffbd4e32db7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sentry-trace
15cb341ca5034ef5973fa6e58825806f-9345a578f35d3d4d-1
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
baggage
sentry-environment=production,sentry-release=e31ea42194081c3eb45eff9e18c053f56bd6fc50,sentry-public_key=f143db6257524be5b9661846c14c6054,sentry-trace_id=15cb341ca5034ef5973fa6e58825806f,sentry-sample_rate=1,sentry-sampled=true

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
3b834a5a-3260-597f-f2f8-ec198c322adb
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-cache
Miss from cloudfront
content-length
1542
x-amz-cf-id
3jeJ9UEIvpKFhdu_ktb4rUbPgQcglYpTSV-uQjpxImQ9nrPGKLnXaA==
date
Tue, 01 Oct 2024 15:54:45 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
IAD79-C3
server
nginx
x-frame-options
SAMEORIGIN
8768.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/8768.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4a47ed5516b42d90c11b76804bc5330f3a4cd984d5d5274000c6606336a32b2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-35e1"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
5Yro3QuKbXg_OIEbLqPZTy44YRMYXepOWUg_L1UqtyUVjy3peSvLZQ==
date
Tue, 01 Oct 2024 14:46:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
b993353e-839e-7f98-0639-98bf7cdd468a
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
loginNotification.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/loginNotification.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0178920c64a6d52c9c366f595ce251148b88658e40c244418a480347bcf8871e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-1a8b"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
uWZ05suD1SMFP7GC45qzg337fFzd8JcbhvrmAToRqdspfw9gX3L7bA==
date
Tue, 01 Oct 2024 14:46:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
33ef9ba6-8164-cf9c-d4c4-e400223b1adf
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
7759.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/7759.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
32178ad003a7706fead9c7d5fb7ea47ec9dd1c95cfb01ae785f2aca347ff85f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-5744"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
gP37BZmexe4emNIsMI7JMiLjXIE-PCF31De3tCENKnCjYJJBCUfO6A==
date
Tue, 01 Oct 2024 14:46:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
e13608a6-656f-4aeb-99f3-cf6dc77c0282
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
privacyPolicyModal.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
heinemann.getbynder.com/v7/paramount/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/paramount/js/privacyPolicyModal.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BhTKTaZ1RPo6e4Z/9035905b-7946-4912-9f37-2c2c0e5f5124/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
74f4da82c41a1074b7646a8194c27d7c9f0b75cd2e011dc77f3a47c093f5ef3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30

Response headers

content-encoding
gzip
etag
W/"66fc04dd-768"
age
4100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Nuks2EuFcwZTyRbqzVFQAzYHJA0ujdNpwCltL98WRHV9dFMpDEInVg==
date
Tue, 01 Oct 2024 14:46:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 14:19:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
665124da-dd6f-64b7-2326-0f5c97c32ff7
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-pop
IAD79-C3
server
nginx
asset-resumable-uploads
heinemann.getbynder.com/v7/featuretreatments_public/treatment/ 		20 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heinemann.getbynder.com/v7/featuretreatments_public/treatment/asset-resumable-uploads
Requested by
Host: d8ejoa1fys2rk.cloudfront.net
URL: https://d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2600:e:eaa:5b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
41cc6c7f828b518601145e2b35ab9b46fde6682abc9104aa9876030020816ddc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-csrf-token
adb1a9aa3149918d75fd57846e9a81b463ee1504
cache-control
no-cache
Referer
https://heinemann.getbynder.com/login/redirectToken/FE9C5129-7C2F-43C4-81BB4812424B7C30
pragma
no-cache
baggage
sentry-environment=production,sentry-release=e31ea42194081c3eb45eff9e18c053f56bd6fc50,sentry-public_key=f143db6257524be5b9661846c14c6054,sentry-trace_id=15cb341ca5034ef5973fa6e58825806f,sentry-sample_rate=1,sentry-sampled=true
sentry-trace
15cb341ca5034ef5973fa6e58825806f-a7753f95f38dbd7f-1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
lQf1k6HQvpcw1DUXbuX4jK58XNHai8b_T2Kv4-lld5VisGcSkmwBGA==
date
Tue, 01 Oct 2024 15:54:45 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
d94af170-72cf-67c7-dcd9-82e29841b02a
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
content-length
20
x-amz-cf-pop
IAD79-C3
server
nginx
/
sentry10.bynder.cloud/api/629/envelope/ 		41 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1
Requested by
Host: heinemann.getbynder.com
URL: https://heinemann.getbynder.com/v7/paramount/js/3137.e31ea42194081c3eb45eff9e18c053f56bd6fc50.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.7.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-7-101.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f9aa5e80859bb35ceaa87a1dd85aef0d9a6f4a7f63df20f54d85cad466a0028e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://heinemann.getbynder.com/

Response headers

access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
Connection
keep-alive
access-control-allow-origin
*
Content-Length
41
Date
Tue, 01 Oct 2024 15:54:46 GMT
Content-Type
application/json
vary
origin, access-control-request-method, access-control-request-headers
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/2703fe4c-f07c-4865-b2d3-281238d9034c
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/915f2422-cccc-4b3c-8eb2-76485a97ce3f
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/2cb8fc69-14b6-4a61-ab38-5eddda1a65f7
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/430838a0-88de-4f84-87df-46294c12cc11
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/14ab4bcc-157f-43d7-9b3f-256f64b409ed
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/8a8384ab-95ad-4294-b51f-86a82c715036
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/0c4d14ae-9790-48f8-94b7-db4b8fa24e7f
Domain
heinemann.getbynder.com
URL
blob:https://heinemann.getbynder.com/3da37042-db22-4562-98d5-2cb94c806d4a

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Osano function| __uspapi string| downtimeSetting object| downtimeSettingJson number| expiryDate number| currentDate function| openPrivacyPolicyModal function| removeCookieByInnerText object| html4 function| URI object| html function| html_sanitize function| $ function| jQuery number| googleLT_ object| google function| google_exportSymbol function| google_exportProperty function| moment function| sprintf function| vsprintf function| _ object| is object| Select2 object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| jade object| uploaderState object| plupload object| modernBynderLibs function| require function| requirejs function| define function| log object| bynder number| defaultChunkSize number| minChunkSize number| maxChunkSize number| chunkSize string| csrf string| getStaticURL object| JADE function| _initAlert function| _initKeyboardListeners function| _keyUp function| _keyDown function| _keyUpConfirm function| _trackSegmentSaveEvent function| _accessInfo object| Workflow boolean| UPLOAD_COMPLETE function| reset_upload_timeout function| getJobPropertiesForTracking object| WaitingRoom function| _initPager function| deleteCookies string| baseUrl string| manifest string| scriptId string| localUrl function| appendScript function| getAppBundle function| loadMicrofrontends object| litHtmlVersions object| _selectVisible object| _deselectAllButton function| segmentStateTracker object| callbackData object| Raven object| webpackChunkparamount function| bynderParamountRerender function| Jed object| Bynder string| defaultLanguage object| __SENTRY__ object| logs

4 Cookies

Domain/Path Name / Value
heinemann.getbynder.com/ Name: bynder
Value: DEE7A452-B15E-4AF0-B98E33A3DFFB5CA8
heinemann.getbynder.com/ Name: DEFAULTLOCALE
Value: en_US
.getbynder.com/ Name: osano_consentmanager_uuid
Value: 4e6a266a-5f84-4d89-89d5-37cbed93d426
.getbynder.com/ Name: osano_consentmanager
Value: kLi9zGCxfIu2jMEVNaDxhKx0IHl9AzNWqsNdbT9tkPPguwj0aKvpFS9sALcy2pkTXrStUSbEuQ4rHiemmPVg78YMU-HrfGNBuP6mm8y17Dhn8x8jcYczDoLO3L-3DYGurCzk4I7bFtmWgB25vE7AvXZZ6jfIn31K6gDvtIOCxmIRRHLPkemcXaiMcg7M5llhl96rOhqPm82sor4wwPnQgUyNiqT2hXGNqJ2nV1myKiRdnPf8qTEFBQ45VRitVNmqfSb4twr226dlgEig94DT3pFiXIBe573o6RSLmrY5FKqnDeWbsMIGgC8NsJz_iVbIZixot09p8U0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmp.osano.com
consent.api.osano.com
d1ra4hr810e003.cloudfront.net
d8ejoa1fys2rk.cloudfront.net
heinemann.getbynder.com
sentry10.bynder.cloud
url.us.m.mimecastprotect.com
heinemann.getbynder.com
18.67.65.115
205.139.111.12
2600:9000:208f:2600:e:eaa:5b80:93a1
2600:9000:2509:6400:3:b7e:8940:93a1
2600:9000:2509:c600:3:b7e:8940:93a1
3.167.116.18
52.16.7.101
99.86.229.97
0178920c64a6d52c9c366f595ce251148b88658e40c244418a480347bcf8871e
0524e0704b40f329217a369851e7810219f089d3a5f9be70e25b20ebe68ac080
0a034a5550de26e4e1fc870ebf4ad19998dd146957820b6da965231c4674e416
0eb350a619d57473efdb72eefd304cd0c69946c2ff566008c922a0ae0b529621
13fb54cfe52eb62dbd1d41de2a9c1d2009f6bc8f95d9693c4bbfaab4140df3ef
2033e039ebbcdec13082d60da6f4f1f400d881f54423cbe391888e55f1e6f787
2a9e4bbd48d8e8197d3a5845bcda647c3084427b02fd367a935e51b5b14b57c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32178ad003a7706fead9c7d5fb7ea47ec9dd1c95cfb01ae785f2aca347ff85f3
34840dc6a2f2378b1b2dfd92147f7a3bbf2d6e1c17941e3a6549f9d8499ab191
3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa
4027edc5d49bedb15afe0ab02dd3de9267f2ce9128ae93a9f23040d79f830c34
41478634a192dd03a19208b7acf26ac815cfcd67294c607ad63ce4682203408b
419db76032a46b27efed7925ccb2fb024f3eae5537698e3eebf30deda295c209
41cc6c7f828b518601145e2b35ab9b46fde6682abc9104aa9876030020816ddc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44969f708425d55d396afeb7a3d680ca5526b35b526ef20a283c0799327344bf
481b03dc196a1d57481e3eb48fdb2ffb4e125df1117cb2d4d831e4234dbda1ea
49bb03efbcb94520720a6136f6b71e4e37cf5b3650cfd1f4eea800d416ae7d71
4a47ed5516b42d90c11b76804bc5330f3a4cd984d5d5274000c6606336a32b2a
55aee0da73a8ca0f60085ca0a3f5ee5fbb8e8c88674097fadaa17e73ae740bca
56e074e1eb75a44f89bd84abf1f39d8aa56d2eac76a78d199fc7a2ceb1ce0ac2
68e65784b68b529aefc3eb6a547ab0d517ccb63c8703b0810d11997181d36b07
6b528b03ad9a49e1e903dcea2920bc8e16229bd62146e108e24371fc60f8bf1b
74f4da82c41a1074b7646a8194c27d7c9f0b75cd2e011dc77f3a47c093f5ef3f
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
7cd72ac59ddbef97b0d9941a655d339fcf30232f911fac75e105a7bd7ad371ce
83b3d41c87f77880e6fc47dbfcad326fd84fe4ee9fe4076a0e53a52b20939a85
894a7b86bb548ade306c2fd22825ce9e1d16349a6d8bf32cd3cb41256493a67a
8f69e4b678d651dabb3629f25326d63c24ffcc7aee297420c452bb43fa2cc873
95fc8c01bd0cdfe47385582bdaa421848416bdf8a4331e5c3e1eeced4fb08d76
9ed50b57a8edf003b0606c80592755850f2458551afacad8529e7101daf7dafe
a2a9e09ea1d8d05929c70122f32a60e6141f314bd3ab276280c89377ea94c013
a3bd99d5c741cab9f0946ea1d69514f3262a3ac119175901d218b0fd6d7c16c7
a50f860bb64266b0685ca64977774c435563735c856d0d6e07fa0d0b29a0484c
b0be02d3701bbdb4b5f7aafd2ccee6305324884cc39a9c383ddfdffbd4e32db7
b2dcef7c696e2577e2582dfced3612cf221c6ee3026c0e446982c821b3bdcd85
b6e121915c8cc096c75d9eca9536b06b34cc989cdea3c9a3fcdd9b441b86c12f
b7787572213937cd403fb20ee5e8059f92b3169faae669bfb1c56309f868586b
baad2895dd55836867e49c4e9098c54b8e522f22bddaea2166204173c6a3add4
c02637f012a55337a98340ad2bd2e0e4e26d517b71e4a0277599e0a368d91f64
c155addbc033505bf4fb41f0f0da414e3c96e8aeee04457392bfe6712ea3822c
c27caa72381490ebbfe49a7f3ea9804450d685a458e2099621b5d1b13de0b612
c5dc2422f4c771af9c04b8551071b818fbe483f989f64ac64c5bab75e2eb9eb6
c6399de63c99f7311d2c2c603b19ad1d7f354119659bf362c1dbd4cd2eb6d019
c894172c6793664e6fc76f93b19594c8af687a278c50ccfff739b595cfc73ace
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d616edf49ca679dc0000cabce2cb63f3035c7618db6f15238097f1135a4b0472
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d8238732317f9becdbbd27d582532258a5ad1b307ebfa85fb38578b65bbe16
ebe6051f082044e63bb1411320cc92e23572dc55686fa040ec3e06c8f381a01f
f0a45e202b6149509baaa6e4298d72213403c46bd9a1a0c43f9e78d826052aeb
f172602830c4f48662b300496e34453bd8d04195cea1766bccd9650ed5287e6c
f4c0184d3744e8d3728dc7400a38258c39dc99aa5e18bac05879bc1c5b54484d
f9aa5e80859bb35ceaa87a1dd85aef0d9a6f4a7f63df20f54d85cad466a0028e
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce