Submitted URL: http://somosheru.com/
Effective URL: https://www.heru.app/
Submission: On November 06 via api from US — Scanned from US

Summary

This website contacted 37 IPs in 2 countries across 28 domains to perform 88 HTTP transactions. The main IP is 52.206.163.162, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.heru.app.
TLS certificate: Issued by R10 on September 12th 2024. Valid for: 3 months.
This is the only time www.heru.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 99.83.190.102 16509 (AMAZON-02)
1 1 3.233.126.24 14618 (AMAZON-AES)
1 52.206.163.162 14618 (AMAZON-AES)
20 104.18.160.117 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 13.33.251.140 16509 (AMAZON-02)
2 76.76.21.93 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
6 142.250.80.35 15169 (GOOGLE)
1 142.250.80.100 15169 (GOOGLE)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 146.75.28.157 54113 (FASTLY)
4 2620:1ec:33:1... 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 184.28.190.40 20940 (AKAMAI-ASN1)
1 13.225.63.13 16509 (AMAZON-02)
3 2620:1ec:29:1... 8075 (MICROSOFT...)
2 31.13.71.7 32934 (FACEBOOK)
2 142.251.41.2 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2600:9000:251... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.80.8 15169 (GOOGLE)
2 51.8.64.151 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 216.239.36.181 15169 (GOOGLE)
88 37
Apex Domain
Subdomains
Transfer
20 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6168
2 MB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
715 B
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
www.linkedin.com — Cisco Umbrella Rank: 646
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
4 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
h.clarity.ms — Cisco Umbrella Rank: 13189
c.clarity.ms — Cisco Umbrella Rank: 1236
31 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
761 KB
6 gstatic.com
fonts.gstatic.com
141 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
136 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
c.bing.com — Cisco Umbrella Rank: 190
18 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
5 KB
2 wzrkt.com
wzrkt.com — Cisco Umbrella Rank: 31556
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
80 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 hubspotonwebflow.com
hubspotonwebflow.com — Cisco Umbrella Rank: 33890
26 KB
2 cloudfront.net
d3e54v103j8qbb.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
103 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
2 somosheru.com
somosheru.com
www.somosheru.com
1 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2324
1 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3483
798 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
725 B
1 t.co
t.co — Cisco Umbrella Rank: 859
628 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2191
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3176
4 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2172
26 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2500
950 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
16 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 heru.app
www.heru.app
15 KB
88 28
Domain Requested by
20 cdn.prod.website-files.com www.heru.app
cdn.prod.website-files.com
7 www.googletagmanager.com www.heru.app
www.googletagmanager.com
www.google-analytics.com
6 fonts.gstatic.com fonts.googleapis.com
5 px.ads.linkedin.com 3 redirects snap.licdn.com
5 analytics.tiktok.com www.heru.app
analytics.tiktok.com
4 td.doubleclick.net www.googletagmanager.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
www.heru.app
3 analytics.google.com www.googletagmanager.com
3 www.clarity.ms www.heru.app
bat.bing.com
www.clarity.ms
2 c.clarity.ms 1 redirects
2 h.clarity.ms www.clarity.ms
2 www.facebook.com www.heru.app
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 stats.g.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 connect.facebook.net www.heru.app
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 hubspotonwebflow.com www.heru.app
hubspotonwebflow.com
1 track.hubspot.com
1 c.bing.com 1 redirects
1 api.hubapi.com js.hsadspixel.net
1 px4.ads.linkedin.com www.heru.app
1 www.linkedin.com 1 redirects
1 analytics.twitter.com www.heru.app
1 t.co www.heru.app
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 d2r1yp2w7bby2u.cloudfront.net www.heru.app
1 js.hs-scripts.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.heru.app
1 ajax.googleapis.com www.heru.app
1 www.heru.app
1 www.somosheru.com 1 redirects
1 somosheru.com 1 redirects
88 39
Subject Issuer Validity Valid
www.heru.app
R10
2024-09-12 -
2024-12-11
3 months crt.sh
prod.website-files.com
WE1
2024-10-21 -
2025-01-19
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.hubspotonwebflow.com
R10
2024-09-15 -
2024-12-14
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
hs-scripts.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-15 -
2024-11-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
hs-banner.com
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
hsadspixel.net
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
hs-analytics.net
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
t.co
E5
2024-09-28 -
2024-12-27
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-09 -
2025-10-08
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
wzrkt.com
Amazon RSA 2048 M02
2024-08-21 -
2025-09-20
a year crt.sh
hubapi.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
hubspot.com
WE1
2024-10-03 -
2025-01-01
3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.heru.app/
Frame ID: 3E83A1C18FCAFDAC7F9B792920032D48
Requests: 83 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.heru.app
Frame ID: 9F72493020B1A63FE3F7144B60536699
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/449432269?random=1730903683009&cv=11&fst=1730903683009&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v867719857z8851102220za200zb851102220&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 88549B31832962172DAF82BA6AC87416
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-ERXW70X2GX&gacid=1612872283.1730903683&gtm=45be4au0v867719857z8851102220za200zb851102220&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=1893736829
Frame ID: 70FD9B39A1C298ACB9E132184762907A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/449432269?random=1730903683271&cv=11&fst=1730903683271&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4au0v867719857z8851102220za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: CFEF2E4715C7CBD5E5A12C3383FA7C24
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-J2YF3FBLC5&gacid=1612872283.1730903683&gtm=45je4au0v9125947722za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=349501781
Frame ID: 3A338BD2C213FD6311D8EFA312B79C4F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Heru – Declaraciones de Impuestos Automáticas

Page URL History Show full URLs

  1. http://somosheru.com/ HTTP 307
    https://somosheru.com/ HTTP 301
    https://www.somosheru.com/ HTTP 301
    https://www.heru.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

98 %
HTTPS

50 %
IPv6

28
Domains

39
Subdomains

37
IPs

2
Countries

3744 kB
Transfer

8367 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://somosheru.com/ HTTP 307
    https://somosheru.com/ HTTP 301
    https://www.somosheru.com/ HTTP 301
    https://www.heru.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4588194%26time%3D1730903683536%26li_adsId%3D7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9%26url%3Dhttps%253A%252F%252Fwww.heru.app%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true&e_ipv6=AQKD38FZtgDIxgAAAZMB5jRvH2dsd_wvnMcRnxhrfEAln0xd5G7YUwDqPkoBfI8KhEcwhg
Request Chain 82
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&RedC=c.clarity.ms&MXFR=1EFACA9002986A7203D2DFBF069864F1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&MUID=361A8EC51133618227819BEA10B760C2

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.heru.app/
Redirect Chain
  • http://somosheru.com/
  • https://somosheru.com/
  • https://www.somosheru.com/
  • https://www.heru.app/
61 KB
15 KB
Document
General
Full URL
https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.206.163.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-163-162.compute-1.amazonaws.com
Software
/
Resource Hash
fa24f97ad72a0b9f7156c05fd233f5e408ff3c85371156f666eae897c3eb1f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
163056
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
8de5ce471d8e8299-IAD
content-encoding
gzip
content-type
text/html
date
Wed, 06 Nov 2024 14:34:41 GMT
last-modified
Mon, 04 Nov 2024 17:17:05 GMT
strict-transport-security
max-age=31536000
surrogate-control
max-age=432000
surrogate-key
www.heru.app 64ffc284d4f4b02ae8db4470 pageId:64ffc284d4f4b02ae8db4473 651f73c66008609ad847ffe2
vary
Accept-Encoding
x-cluster-name
us-east-1-prod-hosting-red
x-lambda-id
c43b3bc6-c469-459e-ad1d-08c3b04c7eaf

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
BYPASS
cf-ray
8de5ce42483e800f-IAD
content-length
166
content-type
text/html
date
Wed, 06 Nov 2024 14:34:40 GMT
location
https://www.heru.app/
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cluster-name
us-east-1-prod-hosting-red
heru-website-2-0.dfd8e70eb.css
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/
199 KB
29 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4913aaaddf53b0c86f23c00edf5458bcbb9c8d6b78b96911b258addbfdf992b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"f79e7d6e945230768416703890d3293e"
x-amz-version-id
9lDDFqiU6nrCQ2dNyNPkqm3nFw7XiL2m
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
text/css
last-modified
Thu, 03 Oct 2024 01:44:17 GMT
vary
Accept-Encoding
x-amz-id-2
xifH2vwkYP+0POVS0Hkw8rYkxOiXSvztklsHiQRGKtgU9mW+uRk+JoKBKEzVHQJRvZAsUkQbLQDZCpQVBBWRs0WWxk7aJgmsgYMmgJ/DAqA=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
9422VZTK63CVFVNC
cf-ray
8de5ce4979c1fada-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
29409
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
age
527549
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 12:02:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 12:02:12 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
409 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-449432269
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc43ac64bee4a8ae3be1880e64d2fb54e6c77f7867b957dd2f8daf5021d3e4e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 14:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134106
x-xss-protection
0
server
Google Tag Manager
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
88 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64ffc284d4f4b02ae8db4470
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.251.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-251-140.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://www.heru.app/

Response headers

access-control-max-age
3000
etag
"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
70934
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Rl1Y1QpY2aWPW7H7kfO05p-XPHfHFjz8ZQs2X1G9g0IIAVIUqTzysg==
date
Tue, 05 Nov 2024 18:52:28 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
cache-control
max-age=84600, must-revalidate
via
1.1 2bfd6688fc2f119397b69ac2ba4187b8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
89476
x-amz-cf-pop
JFK50-P10
server
AmazonS3
heru-website-2-0.651f9a94b.js
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/js/
195 KB
68 KB
Script
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/js/heru-website-2-0.651f9a94b.js
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e8d29c8681199eae1c7998f04683cf917a90e68dde831f121359de5eb7cf6b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b7ec26e1efdc63f1e19d967c50aca144"
x-amz-version-id
jLBJRk2AMauS5FCp191sz4Gi3KkU4sNN
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
text/javascript
last-modified
Thu, 03 Oct 2024 01:44:17 GMT
vary
Accept-Encoding
x-amz-id-2
bonFG4miWeFuKl8DBpnEvv/MNCTb9velgiZnz0czmysRejHt96HbD5eaad0DTvbONo+pr9Cwgc/b9SUoM/UXaw==
cache-control
public, max-age=31536000, immutable
x-amz-request-id
9423HXN08T2WDF61
cf-ray
8de5ce4979befada-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
69472
server
cloudflare
x-amz-server-side-encryption
AES256
form-124.js
hubspotonwebflow.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://hubspotonwebflow.com/assets/js/form-124.js
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"392ca1f460caa2aa9439969a89f31c13"
age
2308590
x-matched-path
/assets/js/form-124.js
access-control-allow-origin
*
date
Wed, 06 Nov 2024 14:34:41 GMT
content-disposition
inline; filename="form-124.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Thu, 10 Oct 2024 20:46:41 GMT
x-vercel-id
sfo1::cpc4s-1730903681601-b658c40c0dff
css
fonts.googleapis.com/
20 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d43fc0f4bcc0c1e39949f8d9d8dce4b402919ab74775d81a7e36978cb99d7d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 06 Nov 2024 14:34:42 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
363 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b6209ab19132c710c92b4caa1cdf9a4cd480422bcca72343b650dc050e13ec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 06 Nov 2024 14:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
118240
x-xss-protection
0
server
Google Tag Manager
6626bda1ba64cca753ee720b_Hero.jpg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
176 KB
177 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6626bda1ba64cca753ee720b_Hero.jpg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75423f1049d9014494f98cae50efe0e3fc0941ac1b8818c59a2f253fd71f33ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css

Response headers

cf-bgj
h2pri
etag
"a43fd9d86f069aa6c3934ee61405fb04"
x-amz-version-id
B1TP_SBq0Y0fIeBoJVNqjTzRmcVDngVN
cf-cache-status
HIT
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
image/jpeg
last-modified
Mon, 22 Apr 2024 19:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
0QGvIjSWWYembYIQzlHYNvpQEXY5dOmqDcxRs6GnbkJam75/vN5sj5hlTycOEqDeX7f9FOJYQEKeSGwa3O98090Y40Ls9fgM
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
Z6RTX1AG9J4GMZXV
cf-ray
8de5ce4bfc75fada-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
180488
server
cloudflare
x-amz-server-side-encryption
AES256
650c6537ac723f59413ad71d_Whyte-Medium.ttf
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
126 KB
127 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/650c6537ac723f59413ad71d_Whyte-Medium.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9683cbdb0fe7b1b6ca7cb2aaef08d6d0b8fd48a4a862e2df3803e25f44f0c2c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"9c93e4940c9560602caae1d41d60659b"
x-amz-version-id
HcKc66r34wNclK6htD99R_3NkQHW1cdh
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 21 Sep 2023 15:46:01 GMT
x-amz-id-2
xcI3PBBqnhzgud4DmRqb/1Yo9IFEDxalewSix3GUoVvFL/Dd7nuEB4sy3vyYYMfqTWF8sOBuVoCMnhgJcI4qcxYGf3PfA3SoVyH6IQMyKNc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3WXNM8QWSZ88W184
cf-ray
8de5ce4c5e0ad045-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
129188
server
cloudflare
x-amz-server-side-encryption
AES256
650c658dcff33429a5f2d719_Whyte-Bold.ttf
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
124 KB
125 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/650c658dcff33429a5f2d719_Whyte-Bold.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030bd15868132dd44b5d9366d46085cbada489de47690a7debc88b4103dcebe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/css/heru-website-2-0.dfd8e70eb.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"98b1d4f71e548dfd28b69a612c520710"
x-amz-version-id
9EG1Xf.IGmEkeCja6LWZ1AwmlJZ1X0DH
age
437
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 21 Sep 2023 15:47:27 GMT
x-amz-id-2
CUBlS9BExl1qW3dj51Y/TvQiLV/jt/SKe0Lcb9eVYI4A5q2xfhS8xvMbRRIvSoyBltsbakkVjAftCarFZXPQVdmBbek/NQRn
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
Z6RGGMA1CZ026EEX
cf-ray
8de5ce4c5e0ed045-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
127408
server
cloudflare
x-amz-server-side-encryption
AES256
64ffc6308398c5de830621f7_logo.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
3 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/64ffc6308398c5de830621f7_logo.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a5a8c7d5381d994975224d7dec579f6f8792af99a48df6fa79a319ed1693ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"242737e735315d7316ce0a6bf82cae16"
x-amz-version-id
TfOwKENtl.2W_G_MOhXtKU7BoFtO5BV1
age
1855
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 02:00:17 GMT
vary
Accept-Encoding
x-amz-id-2
SuXmx3RbSob7G+0KTa7qBoUdAuLH/x+2ZR2j7MGJRU7aWi+JvUiQUNXpz4EiJw+qNlQRBPhS+27BSr6zwKc7vqjwcjmADtUI
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BWSYG2N1Y1DE6V73
cf-ray
8de5ce4c4ccefada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65009b42e95f7e909fd4b1db_arrow-right-line.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
254 B
568 B
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/65009b42e95f7e909fd4b1db_arrow-right-line.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7bd4565516583456e2ddd59ec2d2c191d8960929384a5397653d516b06b527b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"87143bc4edb7ea7a198b4562a257018b"
x-amz-version-id
92UobHo7M.iGLcE9q3.1d0hDPK.6.EjQ
age
1690
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:41 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 17:09:24 GMT
vary
Accept-Encoding
x-amz-id-2
2CUcnOJF0jUCwtT5fb92mwY+iaOMYt6j31HdSsUw7KsQ7LRAsZo3YNOZuyBFKSaxOSHtShUdRvQ=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3WXKA2WRFQPZWZX1
cf-ray
8de5ce4c4cd7fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65429ae6912c2549b550d13f_heru-p-1080.png
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
173 KB
174 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/65429ae6912c2549b550d13f_heru-p-1080.png
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137d4b0845fe5427511acc22a17c97b42f56d9440b965633e3c48acc8de34ead

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cf-cache-status
EXPIRED
etag
"286cd1eeebb0d1615592cc93293a49ba"
x-amz-version-id
orIIosmnGhIidmQliW4GUUsRVsjpFXSL
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/png
last-modified
Wed, 01 Nov 2023 18:37:32 GMT
vary
Accept-Encoding
x-amz-id-2
bPPQZInnIKv6hC1a0OZFciMXgOsXrIoag7JnhtkQPYYvjjicpPiyvdZj5X/7u0qxaZ42J/CRUqlb/V14NZT3ag==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
TT1FEK91WKHKZHGV
cf-ray
8de5ce4c5ce1fada-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
177298
server
cloudflare
x-amz-server-side-encryption
AES256
6525c25ea68df8776aea1dac_Google%20Pixel%202%20-%20Ver_Acuse.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
127 KB
46 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6525c25ea68df8776aea1dac_Google%20Pixel%202%20-%20Ver_Acuse.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa97b1272d793bf58c7a75e69f87cd85788a974e445548923d280fed3eb7ec67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"10788e83ff8f602d0206f8e0e4a97925"
x-amz-version-id
61y7JhQJ6CE1l2sIXY_TsoSRyq7gjSwm
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 21:30:08 GMT
vary
Accept-Encoding
x-amz-id-2
IAE/o4FBYItVos3guPVqQmmA52PUURNQFj+ho9WTL/dfCT5/646Ow3zAJWqVElxD86gQqbW/NaLFTUgnZV4acZzHaLUWrRTt
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
Z6RJ120MW1520SGG
cf-ray
8de5ce4c5ce3fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6525c32b9de806737805dc67_Screen.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
232 KB
83 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6525c32b9de806737805dc67_Screen.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a56ab2588dfe9cc8d5f08e30c4d8878331219992834366aba16dfef39612b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"de65dff23f46d7e0864e16b46d1e30e5"
x-amz-version-id
qdcHR491QOVdq2SjZBhUh1FYKPY6Qnva
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 21:33:32 GMT
vary
Accept-Encoding
x-amz-id-2
thvsOm+1ranycmIjL4RlxYc7uqCzCzDtYDphdVQqrmBuDOnYrifjhhXlwXsSwG5xmY0wLmRbw5hAbv/YDpzNWw==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5E1NQCQ7Z3GFMS9C
cf-ray
8de5ce4c5ce5fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6525c4542d96ab0a0f1c20c9_Screen%20(1).svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
119 KB
43 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6525c4542d96ab0a0f1c20c9_Screen%20(1).svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e004cced680dd07df1107e2a399c6defd5d29fbb6a2bdb7ce8fd6de07f1ee1da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2daa8ed20aa9038bfbe7160e00a1e1bd"
x-amz-version-id
hm4LuJKg06CX96JILChdD24g5y5zH49e
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 21:38:30 GMT
vary
Accept-Encoding
x-amz-id-2
80GDk5OOfGa8I0bWc5JUcjf6TpdDY9ZNWZZKTG/gEQjMlxj0SEyYP0SCHbVMCyXKfXzcALDaeVfCj232Gkj3nQYx1B5siXe+
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5E1NGJS218M2ZQ52
cf-ray
8de5ce4c5ce6fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6525c76f62056c90e4c2787b_Rectangle%2066.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
260 B
597 B
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6525c76f62056c90e4c2787b_Rectangle%2066.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efa42e833e969f1a7ea128fbe9fa7f8e8b0caf0422607a82392c97210f51354

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
EXPIRED
etag
W/"8e81258acb59d0e02aa458a560b8dc01"
x-amz-version-id
aLRzi7ygy4uEhiRnvSNEd7zn04q2plzq
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 21:51:44 GMT
vary
Accept-Encoding
x-amz-id-2
mUOOm4dIc4xpaxZOhu/gEVfWSL+bB5Rvra9Ae/WXiSQJpORLdo+IJVjYZWU5T4TEJgd9CS70OrEJrtp6FjBXeg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
TT1FD1PV46NYCDVQ
cf-ray
8de5ce4c5ce7fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6500b00b587c0a431363ba80_Succesful%20Milestones.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
2 MB
972 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6500b00b587c0a431363ba80_Succesful%20Milestones.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e01da474d0b296034e2af234c1a5532590fe331aa51242db8b452743d6c2bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"078a99ca655655e1c002d3dfd99fe090"
x-amz-version-id
0MuLIIFy_IxCKeD0DJ1rkzQ9SvJlCKU9
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 18:38:04 GMT
vary
Accept-Encoding
x-amz-id-2
2lrLz+O0Tod40sKsppOg+rY+YbZyLOXhkmfjuT25CuIko/Kg9shlCm/vHy30jROHwWk1WXgBFEW5hYjZocJK7fyU5tFXR5/j
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5E1Q01NQ3YPWVV33
cf-ray
8de5ce4c5ce8fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6500b0053c13ce779d5ca4ea_Group%201000002499.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
124 KB
44 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6500b0053c13ce779d5ca4ea_Group%201000002499.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2c97666f6d84162d162158869a3b9d654c62ffab34adbe6b9dbffff8c301ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7aea8703958e45a76aa5406a5987342c"
x-amz-version-id
CoogK.GtK43gRSaVJyT6AzOuNtbfxXdE
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 18:37:59 GMT
vary
Accept-Encoding
x-amz-id-2
3rLLfCXDgVyz6EhbJuPb9dGW18hQ0KYuVPhdQORaOTWDBlac83eMUlNE7NIJu5nB23JWC0w4dQc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5E1YAH48599J6X11
cf-ray
8de5ce4c5ce9fada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6526176da26c484eeb64fd15_Frame%201000003397.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
1 MB
409 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6526176da26c484eeb64fd15_Frame%201000003397.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19abf10bb2d872dcb553bb9a05f47e89fa1dabf7a16a7a378f8ee3a7d3fd7a8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"be3de53f1616eb0593aec67429966243"
x-amz-version-id
XEHBQ8x325bwz2rlrvc6KUqLOOqIwjp2
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Oct 2023 03:33:02 GMT
vary
Accept-Encoding
x-amz-id-2
groNLOgw+RCLEghgVYov/Oodk2OaxM+0nN2JVUpyoBKdlFdeu2NSP6BbOr1SieG8FXZC2gbJ1mKG5E6hMbbtPw==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5E1HJ1N82NN74J86
cf-ray
8de5ce4c5cebfada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6500da26cf281193c61b3060_arrow-right-line%20(1).svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
261 B
580 B
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6500da26cf281193c61b3060_arrow-right-line%20(1).svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35e3053e2c1d4ce728d5a7ff6429095be16304d075fbc8bd51805dc6163bc5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
EXPIRED
etag
W/"bd8743f61d9862cf9adb6bdf6ffd877e"
x-amz-version-id
ziRawS6tm7euOA0XYcIcWbJgK1E_iWcB
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 21:37:43 GMT
vary
Accept-Encoding
x-amz-id-2
0eFEME483Zd9Uo3hfR2ZOjbtCWTp1pIpDTOCHlsA5cYc9PgwpNTjkpZ1h/e6mIch120YcCz3Z9k=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
TT19TCGRM5Z6RR3Z
cf-ray
8de5ce4c5cecfada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6500da19e6dac50f7d0497aa_arrow-right-line%20(2).svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
261 B
600 B
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6500da19e6dac50f7d0497aa_arrow-right-line%20(2).svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4777c8c5372c872617289dceb562bca5cb2756ffabd35afbda6fe8b04715361f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
EXPIRED
etag
W/"e57c88a96a4c4b48bbc758a928fcc0ed"
x-amz-version-id
vo7Y4zxQLxRN35F0skTebSAIAw_F.N6E
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Sep 2023 21:37:30 GMT
vary
Accept-Encoding
x-amz-id-2
R/hYc8jcor3Y5Iqbn1iG2jv/PLvIq1vWQZk+V9ZfBat78EPKSvKbP0ICNFKyqr8xKbYghiFp4i/rhiArb67P5rrcL0EZg4b7csPr2D4d96k=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
TT15MF75VK9VMEGW
cf-ray
8de5ce4c5cedfada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
6500ff570d134d051126405a_Group%201000002097.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
1 KB
700 B
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6500ff570d134d051126405a_Group%201000002097.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688c5da8a81e611cf5c1f4e03e24c6a96e309bb5c51fd83d9307b405f55ad2ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
EXPIRED
etag
W/"530779defcb71f2f9c21902345a6476f"
x-amz-version-id
_J8COvBoGSU9nGKtwFbCl57_Cax5Jz3G
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Sep 2023 00:16:25 GMT
vary
Accept-Encoding
x-amz-id-2
HbFb76f6hMs5oDXo3Ic6Zn6AAXWzHZK9+04iUHD5NcbqYnqVAkTaTtLnA7PgVT5Y8KDkO2opNRUR2nNCcpWXwg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
TT124N6STTQ6RTPW
cf-ray
8de5ce4c5ceefada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65539de9b7df2a0205c19a52_whatsapp.svg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
2 KB
1 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/65539de9b7df2a0205c19a52_whatsapp.svg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551b4bdf4227a99d4d0c9cab741d23f5d40f7c24449670b47a897b1cad34766d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"fc069b1e289d15be66c97c7ebe34b478"
x-amz-version-id
ootMHeahZn1N3K1FzhzZAS2Lr1e0asDt
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
image/svg+xml
last-modified
Tue, 14 Nov 2023 16:18:50 GMT
vary
Accept-Encoding
x-amz-id-2
efvFhZNJbnx4w7j4rVGXW8sUoIPGtyI558JmlZIbXMSQM5o3dHFdVYlgCUe1Qv7ydn58nM5lFZo1nycAdAmX+pamP0Yeki3g
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
GEY2PMAE84897113
cf-ray
8de5ce4d2dbafada-SJC
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
552578
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 05:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 05:05:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
7810
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 12:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 12:24:32 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
499313
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 19:52:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 19:52:49 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20144
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
598767
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 16:15:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 16:15:15 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
499436
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 19:50:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 19:50:46 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20160
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,500,600,700%7CRoboto:regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heru.app
Referer
https://fonts.googleapis.com/

Response headers

age
82655
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 15:37:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 15:37:07 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
409 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ERXW70X2GX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
596c10300ebc223a9e9ddc4dce2f28f3af364da9889ace16231169d50744d01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 14:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134079
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.heru.app%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1310021097.1730903683&auid=1582685843.1730903683&npa=0&gtm=45He4au0v851102220za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730903682898&tfd=3793&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:6::17df:d149 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
max-age=60432
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 06 Nov 2024 14:34:43 GMT
last-modified
Thu, 22 Aug 2024 11:06:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/
409 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-449432269&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7d83360b7844a89c540830a4beacb7c0364e476a2b2df5d9e34028ae7dc6c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 06 Nov 2024 14:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134113
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
age
61
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 16:33:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:33:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip"
accept-ranges
bytes
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Wed, 06 Nov 2024 14:34:43 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 20:04:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000123-IAD
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 90976E4A78A748989F5DB231A391048C Ref B: LAXEDGE1821 Ref C: 2024-11-06T14:34:43Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Wed, 06 Nov 2024 14:34:42 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
9494835.js
js.hs-scripts.com/
1 KB
950 B
Script
General
Full URL
https://js.hs-scripts.com/9494835.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f76b695b7c8607f231f3076fe84c82f54945c08f03afd58eb8bde50cd8f596
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
18
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:36:13 GMT
date
Wed, 06 Nov 2024 14:34:43 GMT
x-hubspot-correlation-id
9ef7f38b-bcdb-4119-b0da-a8dadad6ab51
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Wed, 06 Nov 2024 14:33:05 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8de5ce538ef40fd4-LAX
accept-ranges
bytes
access-control-allow-origin
https://web.heru.app
content-length
579
server
cloudflare
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CELNVTBC77U8PGM00N4G&lib=ttq
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1a46271311bbbb45f5a09be24d8f4da32d22da99ee07ba882fa186fab450db2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
expires
Wed, 06 Nov 2024 14:34:43 GMT
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
x-cache
TCP_MISS from a184-28-190-14.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
f01b15c
x-tt-trace-host
012180f69a7f42a71d0771def4c5a903720342b6945c15fedcb7dedbfe0df2934a8b972cda610ced49f32e9d757bb38145f5e73badd535acec870a19627570bf5a3591261e40bcb0cc5ececcb1d7fca6b467a0f4e8aa9ec3f3c6dc30869b43a76c
x-origin-response-time
15,184.28.190.14
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2411061434431AF6F82572622E2DEEF5-7272FD2617B9E9D0-00
content-length
1650
x-tt-logid
202411061434431AF6F82572622E2DEEF5
server
nginx
a.js
d2r1yp2w7bby2u.cloudfront.net/js/
45 KB
16 KB
Script
General
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js?v=0
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-13.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7b1816ab118b90502e3c282a911c9561fce0668d8f3eff0616ed7b22cba24cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

Content-Encoding
gzip
ETag
W/"c666107a7c74537f261b1b9d0d61c4ae"
Age
264
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
LJiGEaGzWOgtZHblq8ciev1TOKGFpyf1XMNDNYjKn7t8fmcZoKeaPA==
Date
Wed, 06 Nov 2024 14:30:20 GMT
Content-Type
application/javascript
Vary
accept-encoding
Last-Modified
Fri, 04 Oct 2024 10:31:56 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=1800, private
Connection
keep-alive
Via
1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C1
Server
AmazonS3
x-amz-server-side-encryption
AES256
edrd4ts3qz
www.clarity.ms/tag/
707 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/edrd4ts3qz?ref=gtm2
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9cc6493ead75354e3797c509e2f5726e23c2833e61cde701355461bd85f9367

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
707
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/x-javascript
x-azure-ref
20241106T143443Z-r16b4c4bf64dc6n5hC1SJCxyyn00000005x000000000474m
js
www.googletagmanager.com/gtag/
409 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-449432269&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e0036ca24699a9eb7bfb6c30001f5b797d724dc585f53285d95463b5b9dc9f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 14:34:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134081
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-7ak7iZ9M' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-7ak7iZ9M' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8215, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
jKxZKyk71QH9SDSQc9pis5zkgdwHR2E7saUIdbSRaXLgMUAflRVEl3+vppCISRAbaWf0diDdDHb7Fw58sFO5yg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 9F72
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.heru.app
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGFNH2T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 14:34:43 GMT
expires
Thu, 06 Nov 2025 14:34:43 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/449432269/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/449432269/?random=1730903683009&cv=11&fst=1730903683009&bg=ffffff&guid=ON&async=1&gtm=45be4au0v867719857z8851102220za200zb851102220&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
37
date
Wed, 06 Nov 2024 14:34:43 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
449432269
td.doubleclick.net/td/rul/ Frame 8854
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/449432269?random=1730903683009&cv=11&fst=1730903683009&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v867719857z8851102220za200zb851102220&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heru.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 14:34:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ERXW70X2GX&gtm=45be4au0v867719857z8851102220za200zb851102220&_p=1730903681848&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1612872283.1730903683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730903683&sct=1&seg=0&dl=https%3A%2F%2Fwww.heru.app%2F&dt=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=3935
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ERXW70X2GX&cid=1612872283.1730903683&gtm=45be4au0v867719857z8851102220za200zb851102220&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 70FD
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-ERXW70X2GX&gacid=1612872283.1730903683&gtm=45be4au0v867719857z8851102220za200zb851102220&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=1893736829
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heru.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 14:34:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
banner.js
js.hs-banner.com/v2/9494835/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/9494835/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9494835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1830e61c0b690e82289dd229315e8bc973bed3c0e964c3df76d26e4220a0511a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
60a9f988-b686-41ab-b4c0-2f3579f74928
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"247eac766dab77b2fac1e67befc5026f"
x-amz-version-id
JZktw3Htd8Nvfx7vibwgqfh17OWGLKTC
age
19
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Wed, 06 Nov 2024 14:36:31 GMT
x-evy-trace-listener
listener_https
date
Wed, 06 Nov 2024 14:34:43 GMT
x-hubspot-correlation-id
60a9f988-b686-41ab-b4c0-2f3579f74928
content-type
text/javascript; charset=UTF-8
last-modified
Thu, 24 Oct 2024 21:45:02 GMT
vary
origin, Accept-Encoding
x-amz-id-2
OX9Y8HOxgznVbg6E2O00AJ3w4a7/yrDFVU6GlAcmMWHleHyUT5WWALd3HdhPgFUXEExPaZ6S/BhKC4x/C/4gCIcYahZGwnxw
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-hshgg
x-envoy-upstream-service-time
50
access-control-allow-credentials
true
x-amz-request-id
AQBR2Y8B1XBA4N6Q
cf-ray
8de5ce564d412f35-LAX
access-control-allow-origin
https://web.heru.app
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
fb.js
js.hsadspixel.net/
7 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9494835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6144618981c80fca080104e28fa48bc41912aae31a58ad36e1432d9c1cf9d5d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-evy-trace-virtual-host
all
x-request-id
1280e994-1efe-4561-875d-2930e64e3e18
content-encoding
gzip
cf-cache-status
HIT
etag
W/"76367ddc85492db14f5361987fccfd44"
x-amz-version-id
UwBX7zUuC9E5MNMBh4AFP_6NkikeH7ZM
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
169
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
Hw0dDtsj5ZFvhYxQZbYCYjvnXh75CFvRmD-31Hr00XOyxcF2hYfmcQ==
date
Wed, 06 Nov 2024 14:34:43 GMT
x-hubspot-correlation-id
1280e994-1efe-4561-875d-2930e64e3e18
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 15:19:28 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-86c46c9777-tzjb2
x-envoy-upstream-service-time
4
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.637/bundles/pixels-release.js&cfRay=8ddde1580e6a52e9-DFW
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
cf-ray
8de5ce5699d508af-LAX
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.637/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
9494835.js
js.hs-analytics.net/analytics/1730903400000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1730903400000/9494835.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9494835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05d0aaa4d419c028605f7b86668e494ec4a45e17549a7ca36d68ae5a8d38d85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
eb8b8e1c-0d72-4467-b778-81dc9a4d3c15
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7d7540f3921444f1b33c0a83e8388d5b"
x-amz-version-id
null
expires
Wed, 06 Nov 2024 14:36:32 GMT
x-evy-trace-listener
listener_https
date
Wed, 06 Nov 2024 14:34:43 GMT
x-hubspot-correlation-id
eb8b8e1c-0d72-4467-b778-81dc9a4d3c15
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 20:56:24 GMT
vary
origin, Accept-Encoding
x-amz-id-2
VM00zRnfxvbV/SXzsGp+iK9hEE2GG0punWnUif8Qh6OzPfpeN33iMT+TxwaX59Q9R9dYnkOs96I=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-wpzp6
x-envoy-upstream-service-time
19
access-control-allow-credentials
false
x-amz-request-id
762P65XEFACQ75W4
cf-ray
8de5ce57095069c2-LAX
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/449432269/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/449432269/?random=1730903683271&cv=11&fst=1730903683271&bg=ffffff&guid=ON&async=1&gtm=45je4au0v867719857z8851102220za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ERXW70X2GX&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
37
date
Wed, 06 Nov 2024 14:34:43 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
449432269
td.doubleclick.net/td/rul/ Frame CFEF
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/449432269?random=1730903683271&cv=11&fst=1730903683271&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4au0v867719857z8851102220za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heru.app%2F&hn=www.googleadservices.com&frm=0&tiba=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&npa=0&pscdl=noapi&auid=1582685843.1730903683&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ERXW70X2GX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heru.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 14:34:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
326917754937254
connect.facebook.net/signals/config/
96 KB
19 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/326917754937254?v=2.9.176&r=stable&domain=www.heru.app&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
6d2580a91d02055bd1578b61bc37842342506641dccbe4ef34ec14ee038c1ece
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-oMr2E5kN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-oMr2E5kN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=80, mss=1232, tbw=74155, tp=71, tpl=0, uplat=82, ullat=0
pragma
public
x-fb-debug
xQvIuSZNorc85ATzdlElG22FjvjM42BQmbUgfcoLGmZBS8AsJiCaTwKR/b9F7tpG4zJq+hZFY3NUwcGNhkdYJw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
97033919.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/97033919.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0e460159ac86925892e0b8c2f6f99673e11ac8741fd6df95016aa8067af27e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9EC0B0BD821C438EB8130729D1DB2AB3 Ref B: LAXEDGE1821 Ref C: 2024-11-06T14:34:43Z
x-cache
CONFIG_NOCACHE
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
adsct
t.co/1/i/
43 B
628 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a139ec1a-331d-49e7-b8aa-429ba30b6dd6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=8ecee195-c27e-4d8c-8f28-29893d45da18&tw_document_href=https%3A%2F%2Fwww.heru.app%2F&tw_iframe_status=0&txn_id=odc5z&type=javascript&version=2.3.31
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=0
x-transaction-id
33179d301f38c548
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a7b7c1b17423bffc44932e69991bae3de56c15d0a0c04c6af354b10ac1ccfb5e
cf-cache-status
DYNAMIC
cf-ray
8de5ce573f7828f3-LAX
x-response-time
6
content-length
43
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_p
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a139ec1a-331d-49e7-b8aa-429ba30b6dd6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=8ecee195-c27e-4d8c-8f28-29893d45da18&tw_document_href=https%3A%2F%2Fwww.heru.app%2F&tw_iframe_status=0&txn_id=odc5z&type=javascript&version=2.3.31
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
f8ce46e359a781d3
cache-control
no-cache, no-store, max-age=0
x-connection-hash
800798e4a35aa8bc68139e3a5e88ad2d5e2985c3d3b3486fa9bc3cbf00c68109
x-response-time
5
content-length
43
date
Wed, 06 Nov 2024 14:34:43 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_p
attribution_trigger
px.ads.linkedin.com/
2 B
765 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=4588194&time=1730903683536&url=https%3A%2F%2Fwww.heru.app%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.heru.app/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
0006263f6b35ed5f940290a5f06a6972
x-msedge-ref
Ref A: E1AACFCE32514BEFA4169152B7A7B84E Ref B: LAX311000111023 Ref C: 2024-11-06T14:34:43Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYmP2s17V+UApCl8Gppcg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4588194%26time%3D1730903683536%26li_adsId%3D7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true&e_ipv6=AQ...
0
489 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true&e_ipv6=AQKD38FZtgDIxgAAAZMB5jRvH2dsd_wvnMcRnxhrfEAln0xd5G7YUwDqPkoBfI8KhEcwhg
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3D45FFAA70334AD2B169C2805602D16F Ref B: LAX311000111045 Ref C: 2024-11-06T14:34:44Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYmP2tAymH7Henods3rbA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4588194&time=1730903683536&li_adsId=7f5b9623-eb5a-44b9-9d18-c0eb2f10e5b9&url=https%3A%2F%2Fwww.heru.app%2F&cookiesTest=true&liSync=true&e_ipv6=AQKD38FZtgDIxgAAAZMB5jRvH2dsd_wvnMcRnxhrfEAln0xd5G7YUwDqPkoBfI8KhEcwhg
x-msedge-ref
Ref A: 562E942922DF4D96A7898608CF013F2A Ref B: LAXEDGE1914 Ref C: 2024-11-06T14:34:44Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYmP2s8tHbnJlr9R5L8Sw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 06 Nov 2024 14:34:43 GMT
a
wzrkt.com/
259 B
848 B
Script
General
Full URL
https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAWEQFoA6pIBs4kbIBaIAlADmCAIxcgAAA%3D%3D&optOut=false&rn=1&i=1730903683&sn=0&useIP=false&r=1730903683542
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js?v=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8964f2a6c31f39baf21579328cca6c5e52611b221db8eefe5a48e0cd9d6cf5b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
4a9DmzFU_Ea_iM-EGhEpe8DWFzG-MlBJroQnBx8ah-lyTPWlmQegbA==
Date
Wed, 06 Nov 2024 14:34:43 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 eb7da8ca0dd07aa429ce47312003e292.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Server
CloudFront
main.MTJhNGMzN2YwMA.js
analytics.tiktok.com/i18n/pixel/static/
336 KB
93 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CELNVTBC77U8PGM00N4G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8838b00c4d65fb353a4fc115fb3d5ec4ac665dddd47131dbcb41799e5ce6b25a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-cache
TCP_HIT from a184-28-190-14.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=14
x-tt-trace-id
00-24102412350399205DAB1F24AC9BA3BA-4AD452F5A229301F-00
content-length
95089
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024102412350399205DAB1F24AC9BA3BA
server
nginx
x-akamai-request-id
f01b25c
x-tt-trace-host
016ccfb16bc0d64da77b03373b0e08ac694ca0b239f59c871d895d8c41f1cbfa8806835536bf1cb3e84646c406759f1dfe54c44535e0f3927f915371019ae4c26864008029eb626ae9a77dc9b19f2f826c22aedae56072522c02e75aa39034a6eb
97033919
www.clarity.ms/tag/uet/
867 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/97033919
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97033919.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac85efbd81d621656a16aa09d646ead7d9bf3f385ce49d25b47c1c64cab52433

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
867
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/x-javascript
x-azure-ref
20241106T143443Z-r16b4c4bf64dc6n5hC1SJCxyyn00000005x000000000474t
0
bat.bing.com/action/
0
230 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=97033919&tm=gtm002&Ver=2&mid=577aa07a-8152-4045-82ed-82537a3056fd&bo=1&sid=437d3b909c4c11efb54b11c9ec0288d9&vid=437d4f309c4c11efa0ec5b553c7770b9&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&p=https%3A%2F%2Fwww.heru.app%2F&r=&lt=2958&evt=pageLoad&sv=1&cdb=AQAQ&rn=143848
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3498CEF5CAA24BE5A36ACB7C057732D5 Ref B: LAXEDGE1821 Ref C: 2024-11-06T14:34:43Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 06 Nov 2024 14:34:43 GMT
0
bat.bing.com/action/
0
362 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=97033919&tm=gtm002&Ver=2&mid=577aa07a-8152-4045-82ed-82537a3056fd&bo=2&sid=437d3b909c4c11efb54b11c9ec0288d9&vid=437d4f309c4c11efa0ec5b553c7770b9&vids=0&msclkid=N&gtm_tag_source=ga4&tpp=1&ea=gtm.dom&en=Y&p=https%3A%2F%2Fwww.heru.app%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=817363
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7D38FF68B0A9479F8E16B7C4DABF81DE Ref B: LAXEDGE1821 Ref C: 2024-11-06T14:34:43Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 06 Nov 2024 14:34:43 GMT
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/edrd4ts3qz?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-azure-ref
20241106T143443Z-r16b4c4bf64dc6n5hC1SJCxyyn00000005x000000000474u
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
852f34a1-c01e-0014-5af7-2c66b4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
collect
www.google-analytics.com/j/
15 B
433 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=227426415&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heru.app%2F&ul=en-us&de=UTF-8&dt=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1356909087&gjid=600533757&cid=1612872283.1730903683&tid=UA-186001579-1&_gid=1477327633.1730903684&_r=1&_slc=1&gtm=45He4au0n81NGFNH2Tv851102220za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&z=889618200
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
66bde3f6da3827f9f8e774b0e5c25178503cba6c4d5a75de62ad5ec39f786fb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.heru.app/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
/
www.facebook.com/tr/
0
271 B
Image
General
Full URL
https://www.facebook.com/tr/?id=326917754937254&ev=PageView&dl=https%3A%2F%2Fwww.heru.app&rl=&if=false&ts=1730903683642&sw=1600&sh=1200&v=2.9.176&r=stable&a=gtmss&ec=0&o=12318&fbp=fb.1.1730903683636.305965809256999016&cs_est=true&pm=1&hrl=a292da&ler=empty&cdl=API_unavailable&it=1730903683390&coo=false&eid=804ea764-ad27-476c-b361-c3e0664c8763_1730903681848.20&cs_cc=1&cas=7243452855752799%2C25316835817930153%2C7124383397627429%2C6556810841112071%2C4463924973652744&rqm=GET
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=2967, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
5 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=326917754937254&ev=PageView&dl=https%3A%2F%2Fwww.heru.app&rl=&if=false&ts=1730903683642&sw=1600&sh=1200&v=2.9.176&r=stable&a=gtmss&ec=0&o=12318&fbp=fb.1.1730903683636.305965809256999016&cs_est=true&pm=1&hrl=a292da&ler=empty&cdl=API_unavailable&it=1730903683390&coo=false&eid=804ea764-ad27-476c-b361-c3e0664c8763_1730903681848.20&cs_cc=1&cas=7243452855752799%2C25316835817930153%2C7124383397627429%2C6556810841112071%2C4463924973652744&rqm=FGET
Requested by
Host: www.heru.app
URL: https://www.heru.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434174717308304462"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9acefc2bc25ddd99","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3076817635733981","4026300787410286"]},"debug_reporting":true,"debug_key":"2530567810891933329"}
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
VPVjuec3F19/gyp1DHf+hZrICjz+VN5yCJ9yGDq6gKxnnSbbEPkOT1zo2pMrVwUI7sIJINmNax799jLEPereHg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434174717308304462", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=3282, tp=-1, tpl=-1, uplat=84, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
122 B
798 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=9494835
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2281d057190616d22ab53e8ef3a0492ae784a36d865d51818ae49f0a9f7d337e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

access-control-max-age
180
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UduaExEefdkMFde3ZO%2Fl8pelZXrW5FiEIgcbsvqjdrXTQ6lTjV7tlslAgKqroacSQf85ESbAxfhhD5kBsIJbnP7RsQPM8taRECNjEpfU0fGyi6JFtmgmMrayXD9zAivZ%2FNpjWFgnHj1CdHkq"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Wed, 06 Nov 2024 14:34:44 GMT
x-hubspot-correlation-id
de52cc32-017d-499a-99cf-dedf308e8c82
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8de5ce5829867ecb-LAX
access-control-allow-origin
https://www.heru.app
server
cloudflare
js
www.googletagmanager.com/gtag/
358 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J2YF3FBLC5&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.8 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bafeb537197cf522923dd100f4699cf92fb43041525cd28f5b5cf730904ebde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 14:34:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122993
x-xss-protection
0
server
Google Tag Manager
collect
h.clarity.ms/
0
276 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heru.app/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://www.heru.app
Date
Wed, 06 Nov 2024 14:34:44 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-cache
TCP_MEM_HIT from a184-28-190-14.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id
00-240830022524D643E883E955D7849F3F-0DCC6A18438E6732-00
content-length
39500
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022524D643E883E955D7849F3F
server
nginx
x-akamai-request-id
f01b4ea
x-tt-trace-host
01cad7a044193c13018231a410d7c9e91e4a851bed04eaed96c8c7eddaf9fd90df896b3fb2b4e2ed0d5f0a2975210150900007eb2d321d07150fecaf5e8221781a29b107969faba354fc947ec0deee5f3c7b17429e253ed90d388104cc38b477f3
pixel
analytics.tiktok.com/api/v2/
0
723 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heru.app/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 06 Nov 2024 14:34:44 GMT
server-timing
inner; dur=167, cdn-cache; desc=MISS, edge; dur=13, origin; dur=189
x-cache
TCP_MISS from a184-28-190-14.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Wed, 06 Nov 2024 14:34:44 GMT
x-akamai-request-id
f01b4f9
access-control-allow-headers
Authorization,*
x-tt-trace-host
012180f69a7f42a71d0771def4c5a903720342b6945c15fedcb7dedbfe0df2934a9642fb2e7d33cb194c6c8d55d67ed67ba6ee08b2425c0b1842b4e309154565db0462f5ca9b9506c19de4c972c0d06ceab9fa759d785ad9a186b03b710f8075ca
x-origin-response-time
190,184.28.190.14
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241106143444374A66FC910383EB35C6-678BA7DC8BBDB228-00
content-length
0
x-tt-logid
20241106143444374A66FC910383EB35C6
server
nginx
a
wzrkt.com/
335 B
930 B
Script
General
Full URL
https://wzrkt.com/a?t=96&type=page&d=N4IglgJiBcIBwBYEFoDqqBsyGYFogBoQAHAcxgEYiBjMmEACwBcniBnaAek4Hc%2BA6BgFMATgFd%2BAQ2LFOhEKlwAlANIB9AMIBBALIAFGKB4BbYjAAMRJgBtqMANoBdAL7OgAAA%3D%3D&rn=2&i=1730903683&sn=0&gc=1e0f109c9cb048be9783e18b2a33fcec&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW04gE0B1AOQBsAzAQQFkAhO1dLAEwgBcBnOABlYAteWAG5wATFkjd4wAL6YcLfAA4ALKoC0RIgDYNq3QgUAnDtICMAdgDMPAJw9rO5ddlAAAA%3D%3D&useIP=false&r=1730903684119
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js?v=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
584d26ac639aec11030c3e9baa53961845b1d1baff1260d79fe42d8da9726b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
p0kwZDf0BeIE29RICcqE3LHJy-UabEt_3ULDkcCvJF3rkD--MVbMeQ==
Date
Wed, 06 Nov 2024 14:34:44 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 eb7da8ca0dd07aa429ce47312003e292.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Server
CloudFront
act
analytics.tiktok.com/api/v2/pixel/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heru.app/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 06 Nov 2024 14:34:44 GMT
server-timing
inner; dur=20, cdn-cache; desc=MISS, edge; dur=13, origin; dur=29
x-cache
TCP_MISS from a184-28-190-14.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Wed, 06 Nov 2024 14:34:44 GMT
x-akamai-request-id
f01b643
access-control-allow-headers
Authorization,*
x-tt-trace-host
012180f69a7f42a71d0771def4c5a903720342b6945c15fedcb7dedbfe0df2934a564c785b82f93ab456a1ccb57cdc271f89bceff6e11b12ab8a0ff48a0c2f26a05f8cb68381d073eff24ef22e85a6aea205461ad44a0e61e3eea6062f1f00e41c
x-origin-response-time
30,184.28.190.14
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241106143444CF2E787FB3BF0934B074-73F084CC6D9A5E8C-00
content-length
0
x-tt-logid
20241106143444CF2E787FB3BF0934B074
server
nginx
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-J2YF3FBLC5&gtm=45je4au0v9125947722za200&_p=1730903681848&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&ul=en-us&sr=1600x1200&cid=1612872283.1730903683&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.heru.app%2F&dt=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&sid=1730903684&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5228
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2YF3FBLC5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
49 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J2YF3FBLC5&cid=1612872283.1730903683&gtm=45je4au0v9125947722za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2YF3FBLC5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 3A33
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-J2YF3FBLC5&gacid=1612872283.1730903683&gtm=45je4au0v9125947722za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=349501781
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2YF3FBLC5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heru.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 14:34:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
px.ads.linkedin.com/wa/
0
193 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heru.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E0ABD94422C146C5B1AE374CC9DA1359 Ref B: LAXEDGE1914 Ref C: 2024-11-06T14:34:44Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYmP2tDF7cE70XHcaE6qQ==
x-li-proto
http/2
access-control-allow-origin
https://www.heru.app
x-cache
CONFIG_NOCACHE
date
Wed, 06 Nov 2024 14:34:43 GMT
vary
Origin
blockedDomains.json
hubspotonwebflow.com/assets/js/
98 KB
23 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/assets/js/blockedDomains.json
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"04708d47dd194d37b8231a65de7a66f1"
age
2224845
x-matched-path
/assets/js/blockedDomains.json
access-control-allow-origin
*
date
Wed, 06 Nov 2024 14:34:44 GMT
content-disposition
inline; filename="blockedDomains.json"
content-type
application/json; charset=utf-8
server
Vercel
last-modified
Thu, 10 Oct 2024 20:46:41 GMT
x-vercel-id
sfo1::4sg9k-1730903684613-c04409426b71
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&RedC=c.clarity.ms&MXFR=1EFACA9002986A7203D2DFBF069864F1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&MUID=361A8EC51133618227819BEA10B760C2
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&MUID=361A8EC51133618227819BEA10B760C2
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=371731C1EF1C44DCBB48B55FE3E250DE&MUID=361A8EC51133618227819BEA10B760C2
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C2A2A306935645F1BDC078A609FE218A Ref B: LAXEDGE1817 Ref C: 2024-11-06T14:34:45Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 06 Nov 2024 14:34:44 GMT
x-powered-by
ASP.NET
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1639347869&v=1.1&a=9494835&pu=https%3A%2F%2Fwww.heru.app%2F&t=Heru+%E2%80%93+Declaraciones+de+Impuestos+Autom%C3%A1ticas&cts=1730903684584&vi=592fbd0c84cdae1ebba7abf413328042&nc=true&u=257928724.592fbd0c84cdae1ebba7abf413328042.1730903684579.1730903684579.1730903684579.1&b=257928724.1.1730903684579&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

x-robots-tag
none
x-request-id
b3656420-7b20-401c-97d3-af6b5f22056e
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hLw2cD5T1WV%2BP209h2rd%2BLjcErGVgN9hkwGqBd%2F2xQ0EwkBLGjY58Yn7HOU1UcgbIk9s389s4Kkgc7%2FNTnB4V0S52zy2dZ0vcFYAS0MWSc6A4jecQPqMiYtiBrRiYsOiXHsH6%2BvBNxxOIHpHw8w"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Wed, 06 Nov 2024 14:34:44 GMT
x-hubspot-correlation-id
b3656420-7b20-401c-97d3-af6b5f22056e
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-2lx62
x-envoy-upstream-service-time
8
access-control-allow-credentials
false
cf-ray
8de5ce5ddf4c7c61-LAX
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
6545810cf4c18235e4c27e21_623b4afd5d28185c14287472_faviconheru.jpg
cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/
3 KB
3 KB
Other
General
Full URL
https://cdn.prod.website-files.com/64ffc284d4f4b02ae8db4470/6545810cf4c18235e4c27e21_623b4afd5d28185c14287472_faviconheru.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab8a1c8be6febbc6881d0dac056826dab3fa2c649367eaafe31b0a597b63b61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cf-bgj
h2pri
etag
"5a9b467b7580376213fd218eb6e626bb"
x-amz-version-id
QgxiSoIoGpYz6zvwzQJV6qJwBZRMO5CH
cf-cache-status
HIT
age
1866
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 14:34:44 GMT
content-type
image/jpeg
last-modified
Fri, 03 Nov 2023 23:23:57 GMT
vary
Accept-Encoding
x-amz-id-2
cJfT0UuFStcNy5WR/w6YOmVn39yDYFI7pD89uZen+9zZv9QEBT6FdQu7dQpDWc9Q8LBS5OqYU7s=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
942CG4810KFK90N4
cf-ray
8de5ce5d0f09fada-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
2788
server
cloudflare
x-amz-server-side-encryption
AES256
collect
h.clarity.ms/
0
276 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heru.app/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://www.heru.app
Date
Wed, 06 Nov 2024 14:34:45 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ERXW70X2GX&gtm=45be4au0v867719857z8851102220za200zb851102220&_p=1730903681848&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1612872283.1730903683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1730903683&sct=1&seg=0&dl=https%3A%2F%2Fwww.heru.app%2F&dt=Heru%20%E2%80%93%20Declaraciones%20de%20Impuestos%20Autom%C3%A1ticas&en=gtm.dom&ep.debug_mode=true&ep.event_id=804ea764-ad27-476c-b361-c3e0664c8763_1730903681848.20&ep.event_name=PageView&_et=11&tfd=8953
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449432269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heru.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heru.app
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 14:34:48 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| WebFont function| gtag object| dataLayer function| $ function| jQuery function| tram object| Webflow function| updateURLWithUTMParameter function| addUTMParametersToURL object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id string| GoogleAnalyticsObject function| ga function| twq string| TiktokAnalyticsObject object| ttq object| clevertap object| d string| expires function| clarity function| fbq function| _fbq function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal object| _hsp function| UET function| UET_init function| UET_push object| ueto_5eaed55aac object| uetq object| regeneratorRuntime object| twttr function| lintrk boolean| _already_called_lintrk object| wizrocket object| $WZRK_WR object| $CLTP_WR object| gaplugins object| gaData object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| sanitizeKey boolean| _hstc_loaded object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| clarityuetq object| ORIBILI boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

46 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: nNqh5McSnhL2GKHj5jepPZmyDAz7bHD3w62.ld72R6M-1730903681-1.0.1.1-sC9.R1d.DQSKWsWPsdkGyNej6g3BocMt9OIrjUKkrza3LWgMxniAZLzwjOF_akOBiwfkFNhuIPAy9DH1vi1g.w
.heru.app/ Name: _gcl_au
Value: 1.1.1582685843.1730903683
www.heru.app/ Name: utm_source
Value: undefined
.heru.app/ Name: _ga_ERXW70X2GX
Value: GS1.1.1730903683.1.0.1730903683.60.0.0
.tiktok.com/ Name: _ttp
Value: 2oTpzgQ4NSMn1cetUJYA6CXoMYr
.heru.app/ Name: _uetsid
Value: 437d3b909c4c11efb54b11c9ec0288d9
.heru.app/ Name: _uetvid
Value: 437d4f309c4c11efa0ec5b553c7770b9
.heru.app/ Name: _ga
Value: GA1.2.1612872283.1730903683
.heru.app/ Name: _gid
Value: GA1.2.1477327633.1730903684
.heru.app/ Name: _gat_UA-186001579-1
Value: 1
.heru.app/ Name: _fbp
Value: fb.1.1730903683636.305965809256999016
.bat.bing.com/ Name: MR
Value: 0
.heru.app/ Name: _clck
Value: 569tqj%7C2%7Cfqn%7C0%7C1771
.bing.com/ Name: MUID
Value: 361A8EC51133618227819BEA10B760C2
.t.co/ Name: muc_ads
Value: ba59406f-f21a-46d2-a4e5-dcd31c4f38ae
.t.co/ Name: __cf_bm
Value: G1t4XWU5hQD1suW_n93MqVHklKeJxrxlwMmtRNg5tOI-1730903683-1.0.1.1-k0LyZv8kCGyjZNz9lPluj4pLZC2BJa7qB70G_FlRbl7cAZshKl8YphV1N12vm1E6G7O2d9Z9cHw.kNKMxae1wg
.linkedin.com/ Name: li_sugr
Value: 2c0efd81-57e8-4782-bde7-648166d3d434
.linkedin.com/ Name: bcookie
Value: "v=2&9b290635-acd2-4ff5-845d-7124a854d7a1"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=3033:u=1:x=1:i=1730903683:t=1730990083:v=2:sig=AQFDpT4fMuC8um1hSTgCt7a3Ak18fek0"
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173090368381703243
.twitter.com/ Name: guest_id_ads
Value: v1%3A173090368381703243
.twitter.com/ Name: personalization_id
Value: "v1_2qjjZciYJhEGVj8RD6AwWg=="
.twitter.com/ Name: guest_id
Value: v1%3A173090368381703243
.linkedin.com/ Name: UserMatchHistory
Value: AQJYrwywizUaagAAAZMB5jNUA8u_A7JofKAp-REY412zGqXHE1yN2IHt0eNIsjyUxeVY9_T7abfR8w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK3XRJV2M_pDAAAAZMB5jNUK1AFv21CGAN8WaGnII7zL9tvulBISMDcnEoTRI7oXaPg1lnZRX5xoJvO_44FuA
.heru.app/ Name: _tt_enable_cookie
Value: 1
.heru.app/ Name: _ttp
Value: VKd_tqXeICEcoETODzIN4F33G0-
.heru.app/ Name: WZRK_G
Value: 1e0f109c9cb048be9783e18b2a33fcec
www.clarity.ms/ Name: CLID
Value: abe622cc12cc49bb8d63863d65e09708.20241106.20251106
.www.linkedin.com/ Name: bscookie
Value: "v=1&202411061434448f911957-7fa9-49e4-8c93-13570c38985fAQFLW4gVZ4hi_ucuvGhnCAURLR4DlAcM"
.heru.app/ Name: _ga_J2YF3FBLC5
Value: GS1.2.1730903684.1.0.1730903684.60.0.0
.heru.app/ Name: WZRK_S_844-WW6-4W6Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1730903684%2C%22t%22%3A1730903684%7D
.heru.app/ Name: _clsk
Value: ld9mge%7C1730903684443%7C1%7C1%7Ch.clarity.ms%2Fcollect
.doubleclick.net/ Name: IDE
Value: AHWqTUmnwxdWwQn1agvYAExZjJ7hfjdPkqJy2FZJMI-pEs2s4_XamWvPnweCZ2US
.heru.app/ Name: __hstc
Value: 257928724.592fbd0c84cdae1ebba7abf413328042.1730903684579.1730903684579.1730903684579.1
.heru.app/ Name: hubspotutk
Value: 592fbd0c84cdae1ebba7abf413328042
.heru.app/ Name: __hssrc
Value: 1
.heru.app/ Name: __hssc
Value: 257928724.1.1730903684579
.hubspot.com/ Name: __cf_bm
Value: aXbscwqeHugD1DGpedFgrcXFUdki09VwYk.yF26.yzQ-1730903684-1.0.1.1-sr3ZFqJp3YxVrHj.ZOq5FqUlUU7SJY1vmkZfeDRxKyuxhM6HNxxznU00WLNQ495GU2R8ZbG2BndIm8BO1E102A
.hubspot.com/ Name: _cfuvid
Value: DXARtQ_1Ii5zx0lcMYe2uGcKXorW_w.eXRNuuYZyRkk-1730903684868-0.0.1.1-604800000
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 361A8EC51133618227819BEA10B760C2
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 361A8EC51133618227819BEA10B760C2
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.hubapi.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.prod.website-files.com
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.clarity.ms
hubspotonwebflow.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
somosheru.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
track.hubspot.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.heru.app
www.linkedin.com
www.somosheru.com
wzrkt.com
104.18.160.117
104.244.42.195
13.107.42.14
13.225.63.13
13.33.251.140
142.250.80.100
142.250.80.35
142.250.80.8
142.251.41.2
146.75.28.157
172.66.0.227
184.28.190.40
20.110.205.119
2001:4860:4802:34::181
216.239.36.181
2600:141b:1c00:6::17df:d149
2600:9000:2512:ac00:1e:3056:9b00:93a1
2606:4700:4400::ac40:9310
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6812:f16c
2607:f8b0:4004:c1d::9c
2607:f8b0:4006:80a::2008
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2620:1ec:21::14
2620:1ec:29:1::40
2620:1ec:33:1::10
2620:1ec:c11::237
2a03:2880:f112:83:face:b00c:0:25de
3.233.126.24
31.13.71.7
51.8.64.151
52.206.163.162
76.76.21.93
99.83.190.102
030bd15868132dd44b5d9366d46085cbada489de47690a7debc88b4103dcebe1
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0ab8a1c8be6febbc6881d0dac056826dab3fa2c649367eaafe31b0a597b63b61
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939
137d4b0845fe5427511acc22a17c97b42f56d9440b965633e3c48acc8de34ead
1830e61c0b690e82289dd229315e8bc973bed3c0e964c3df76d26e4220a0511a
19abf10bb2d872dcb553bb9a05f47e89fa1dabf7a16a7a378f8ee3a7d3fd7a8d
1d43fc0f4bcc0c1e39949f8d9d8dce4b402919ab74775d81a7e36978cb99d7d0
1e8d29c8681199eae1c7998f04683cf917a90e68dde831f121359de5eb7cf6b8
2281d057190616d22ab53e8ef3a0492ae784a36d865d51818ae49f0a9f7d337e
39f76b695b7c8607f231f3076fe84c82f54945c08f03afd58eb8bde50cd8f596
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a56ab2588dfe9cc8d5f08e30c4d8878331219992834366aba16dfef39612b0
4777c8c5372c872617289dceb562bca5cb2756ffabd35afbda6fe8b04715361f
4b6209ab19132c710c92b4caa1cdf9a4cd480422bcca72343b650dc050e13ec9
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
51a5a8c7d5381d994975224d7dec579f6f8792af99a48df6fa79a319ed1693ff
551b4bdf4227a99d4d0c9cab741d23f5d40f7c24449670b47a897b1cad34766d
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
584d26ac639aec11030c3e9baa53961845b1d1baff1260d79fe42d8da9726b94
596c10300ebc223a9e9ddc4dce2f28f3af364da9889ace16231169d50744d01a
6144618981c80fca080104e28fa48bc41912aae31a58ad36e1432d9c1cf9d5d6
66bde3f6da3827f9f8e774b0e5c25178503cba6c4d5a75de62ad5ec39f786fb9
688c5da8a81e611cf5c1f4e03e24c6a96e309bb5c51fd83d9307b405f55ad2ce
6d2580a91d02055bd1578b61bc37842342506641dccbe4ef34ec14ee038c1ece
75423f1049d9014494f98cae50efe0e3fc0941ac1b8818c59a2f253fd71f33ee
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8838b00c4d65fb353a4fc115fb3d5ec4ac665dddd47131dbcb41799e5ce6b25a
8964f2a6c31f39baf21579328cca6c5e52611b221db8eefe5a48e0cd9d6cf5b6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
9683cbdb0fe7b1b6ca7cb2aaef08d6d0b8fd48a4a862e2df3803e25f44f0c2c8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e0036ca24699a9eb7bfb6c30001f5b797d724dc585f53285d95463b5b9dc9f4
9efa42e833e969f1a7ea128fbe9fa7f8e8b0caf0422607a82392c97210f51354
9f2c97666f6d84162d162158869a3b9d654c62ffab34adbe6b9dbffff8c301ee
a05d0aaa4d419c028605f7b86668e494ec4a45e17549a7ca36d68ae5a8d38d85
a1a46271311bbbb45f5a09be24d8f4da32d22da99ee07ba882fa186fab450db2
a4913aaaddf53b0c86f23c00edf5458bcbb9c8d6b78b96911b258addbfdf992b
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
a8e01da474d0b296034e2af234c1a5532590fe331aa51242db8b452743d6c2bd
a9cc6493ead75354e3797c509e2f5726e23c2833e61cde701355461bd85f9367
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac85efbd81d621656a16aa09d646ead7d9bf3f385ce49d25b47c1c64cab52433
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b7d83360b7844a89c540830a4beacb7c0364e476a2b2df5d9e34028ae7dc6c5f
bafeb537197cf522923dd100f4699cf92fb43041525cd28f5b5cf730904ebde0
c0e460159ac86925892e0b8c2f6f99673e11ac8741fd6df95016aa8067af27e5
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e004cced680dd07df1107e2a399c6defd5d29fbb6a2bdb7ce8fd6de07f1ee1da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b1816ab118b90502e3c282a911c9561fce0668d8f3eff0616ed7b22cba24cf
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f35e3053e2c1d4ce728d5a7ff6429095be16304d075fbc8bd51805dc6163bc5d
f7bd4565516583456e2ddd59ec2d2c191d8960929384a5397653d516b06b527b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa24f97ad72a0b9f7156c05fd233f5e408ff3c85371156f666eae897c3eb1f20
fa97b1272d793bf58c7a75e69f87cd85788a974e445548923d280fed3eb7ec67
fc43ac64bee4a8ae3be1880e64d2fb54e6c77f7867b957dd2f8daf5021d3e4e0