heididerusso.com Open in urlscan Pro
2606:4700::6812:785b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://heididerusso.com/
Submission: On August 15 via automatic, source certstream-suspicious (August 15th 2024, 4:14:41 am UTC) — Scanned from DE

Summary HTTP 63 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 12 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6812:785b, located in United States and belongs to CLOUDFLARENET, US. The main domain is heididerusso.com.
TLS certificate: Issued by E5 on August 15th 2024. Valid for: 3 months.

This is the only time heididerusso.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700::68... 2606:4700::6812:785b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:800:d:c7b9:f540:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a02:26f0:480... 2a02:26f0:480:582::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:5200:f:af14:7ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::54	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	52.70.228.248 52.70.228.248	14618 (AMAZON-AES) (AMAZON-AES)
2	3.229.152.19 3.229.152.19	14618 (AMAZON-AES) (AMAZON-AES)
2	3.215.152.181 3.215.152.181	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
63	22

10 2606:4700::6812:785b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

heididerusso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:800:d:c7b9:f540:93a1 (United States)

ASN16509 (AMAZON-02, US)

styles.luxurypresence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:480:582::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5200:f:af14:7ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d1e1jt2fj4r8r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.228.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-228-248.compute-1.amazonaws.com

bss.luxurypresence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.152.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-152-19.compute-1.amazonaws.com

gw.luxurypresence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.152.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-152-181.compute-1.amazonaws.com

t.luxurypresence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 4280	1 MB
10	heididerusso.com 1 redirects heididerusso.com	103 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 translate.googleapis.com — Cisco Umbrella Rank: 1452 maps.googleapis.com — Cisco Umbrella Rank: 567	338 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	75 KB
7	luxurypresence.com styles.luxurypresence.com — Cisco Umbrella Rank: 391307 bss.luxurypresence.com — Cisco Umbrella Rank: 545501 gw.luxurypresence.com — Cisco Umbrella Rank: 510940 t.luxurypresence.com — Cisco Umbrella Rank: 358907	25 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	103 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	239 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 7038 cdn.acsbapp.com — Cisco Umbrella Rank: 7605	95 KB
2	google.com translate.google.com — Cisco Umbrella Rank: 2103 accounts.google.com — Cisco Umbrella Rank: 46	53 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	19 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	cloudfront.net d1e1jt2fj4r8r.cloudfront.net	110 KB
63	12

	Domain	Requested by
15	res.cloudinary.com	heididerusso.com
10	heididerusso.com	1 redirects heididerusso.com
8	cdnjs.cloudflare.com	heididerusso.com styles.luxurypresence.com
6	maps.googleapis.com	heididerusso.com maps.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	heididerusso.com www.googletagmanager.com
2	t.luxurypresence.com	heididerusso.com
2	gw.luxurypresence.com	cdnjs.cloudflare.com
2	bss.luxurypresence.com	accounts.google.com
2	cdn.jsdelivr.net	heididerusso.com
2	fonts.googleapis.com	heididerusso.com
1	cdn.acsbapp.com	acsbapp.com
1	region1.google-analytics.com	www.googletagmanager.com
1	translate.googleapis.com
1	www.gstatic.com
1	acsbapp.com	heididerusso.com
1	accounts.google.com	heididerusso.com
1	translate.google.com	heididerusso.com
1	d1e1jt2fj4r8r.cloudfront.net	heididerusso.com
1	styles.luxurypresence.com	heididerusso.com
63	20

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.luxurypresence.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.tiktok.com
www.youtube.com
www.zillow.com

Subject Issuer	Validity	Valid
heididerusso.com E5	`2024-08-15` - `2024-11-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.luxurypresence.com Amazon RSA 2048 M02	`2024-04-12` - `2025-05-10`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
accounts.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
acsbapp.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://heididerusso.com/
Frame ID: 612444F699C7F23530303256B23583FD
Requests: 64 HTTP requests in this frame

Frame: https://bss.luxurypresence.com/buttons/googleOneTap?companyId=d0b2b2fa-438d-4b23-b8b9-d93e1483565a&websiteId=0b749eeb-8d05-46b1-a701-e2458e10cbab&pageId=5dc6353b-e31a-4b19-8a4d-33255de31c7a&sourceUrl=https%3A%2F%2Fheididerusso.com%2F&pageMeta=%7B%22sourceResource%22%3A%22%22%2C%22pageElementId%22%3A%22%22%2C%22pageQueryVariables%22%3A%7B%7D%7D
Frame ID: E175D80097EA55139A78DA0CC92CA940
Requests: 1 HTTP requests in this frame

Frame: https://heididerusso.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js
Frame ID: FDA0D43EF3EA084BD37D2D6080DB0627
Requests: 2 HTTP requests in this frame

Frame: https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 90ABCD0E4C45E6F584D986454CF5A140
Requests: 2 HTTP requests in this frame

Frame: https://bss.luxurypresence.com/buttons/googleOneTap?companyId=d0b2b2fa-438d-4b23-b8b9-d93e1483565a&websiteId=0b749eeb-8d05-46b1-a701-e2458e10cbab&pageId=5dc6353b-e31a-4b19-8a4d-33255de31c7a&sourceUrl=https%3A%2F%2Fheididerusso.com%2F&pageMeta=%7B%22sourceResource%22%3A%22%22%2C%22pageElementId%22%3A%22%22%2C%22pageQueryVariables%22%3A%7B%7D%7D
Frame ID: 145E44C5E5A8C384E9B2AB381A2AD5B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heidi DeRusso | Connecticut Real Estate Agent

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

97 %
HTTPS

76 %
IPv6

12
Domains

20
Subdomains

22
IPs

4
Countries

2449 kB
Transfer

10579 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://www.luxurypresence.com/real-estate-website-design/
Title: Luxury Presence

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heididerussorealtor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heidi.derusso/?hl=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/heidi-derusso-4a97b5137/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heidi.derusso

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@heididerusso8861/featured

Search URL Search Domain Scan URL

URL: https://www.zillow.com/profile/Heidi%20DeRusso

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://heididerusso.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js

63 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
heididerusso.com/ 500 KB
87 KB 161ms
59ms Document
text/html 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Luxury Presence
Resource Hash: b99aca0ebe0a663b6ffa1450b70ead7616dd468076e0135e7655785d38169486

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 596
cache-control: max-age=600, stale-while-revalidate=1200, public
cf-cache-status: HIT
cf-ray: 8b365bc6e98a9745-FRA
content-encoding: br
content-type: text/html
date: Thu, 15 Aug 2024 04:14:34 GMT
last-modified: Fri, 09 Aug 2024 00:46:48 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: HIXIY7PA6/w5lpPxEhvZ2yFErpv1MeYjjHfpZ+TtZWn2ZUSnIX9M4EpZLPTRCv9P3NcCMmdkQ2o=
x-amz-request-id: 6R2MWWHGN25SMGJC
x-amz-server-side-encryption: AES256
x-powered-by: Luxury Presence

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 283ms
50ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:200,300,400,500,600,700,800,900,200i,300i,400i,500i,600i,700i,800i,900i

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c3444b55eda467197cee45a1775c2775f2a70aaf51350348c399be94e586b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 04:14:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 283ms
50ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 02:25:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
H3 200 ion.rangeSlider.min.css
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/css/ 11 KB
2 KB 98ms
48ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/css/ion.rangeSlider.min.css

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 25383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1860
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTQ5qASYLZ8pCSLFZNk4wEfxZ6aRs%2FbkuKkhAMJXiDuw1LPtj4dD52szbZu4AfsJlIhSHXIZdsJbVaWLivDcgZK7HmkmRPfBtfeYtgRdvMkuuqdos7o0VKuiTiTKimEPv90LPRcJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc7ad5d364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H2 200 index.css
styles.luxurypresence.com/producer/ 114 KB
20 KB 276ms
46ms Stylesheet
text/css 2600:9000:2156:800:d:c7b9:f540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.luxurypresence.com/producer/index.css
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:d:c7b9:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6f84f70ede76be7005e3e398b50e42edabe0aa98eb4e5cbb7efbaf0434923e5

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:12:40 GMT
content-encoding: gzip
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2024 14:11:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 124
x-amz-server-side-encryption: AES256
etag: W/"0497930a5582788205ae3329d72f4e44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, no-cache, must-revalidate, max-age=0
x-amz-cf-id: u2Au3ecoiSz5eEk8btmqgyIkBg8OfQPmNWB_SOCpgU-aMYUD14b5ig==

GET
H2 200 light-lockup-logo
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/uwq08uoqujuubmldkdgm/ 25 KB
25 KB 508ms
279ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/uwq08uoqujuubmldkdgm/light-lockup-logo

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

9ec6161aa26451b2e385358cb68024a9261bc2a6e9bdc92db3c692883574f8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="light-lockup-logo"
server-timing: cld-akam;dur=195;cpu=30;start=2024-08-15T04:14:34.372Z;desc=miss,rtt;dur=38,content-info;desc="width=1920,height=201,bytes=25442,owidth=2139,oheight=224,obytes=25151,ef=(1,11,13,17,97)",cloudinary;dur=78;start=2024-08-15T04:14:34.432Z
content-length: 25442
last-modified: Thu, 21 Mar 2024 12:05:41 GMT
server: Cloudinary
etag: "001011f2dfd0f695e840b45e4142a4f7"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lockup-logo-dark
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/jrfdr30miuowdtqu6ghg/ 49 KB
50 KB 456ms
227ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/jrfdr30miuowdtqu6ghg/lockup-logo-dark

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

09b3c62c8b55e7b38b7f5331a887e683a51839502a44d81344291a69a1a7feb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="lockup-logo-dark"
server-timing: cld-akam;dur=187;cpu=22;start=2024-08-15T04:14:34.372Z;desc=miss,rtt;dur=38,content-info;desc="width=1920,height=201,bytes=50554,owidth=2139,oheight=224,obytes=62270,ef=(1,11,13,17,97)",cloudinary;dur=78;start=2024-08-15T04:14:34.431Z
content-length: 50554
last-modified: Thu, 21 Mar 2024 12:05:41 GMT
server: Cloudinary
etag: "ede9a5088d09ccd0801f12fd51fc5cac"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 heidi-opening-video.jpg
res.cloudinary.com/luxuryp/videos/f_auto,q_auto/so_0,eo_0/qpjvaawita61qekdzbi8/ 212 KB
213 KB 405ms
400ms Image
image/jpeg 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/videos/f_auto,q_auto/so_0,eo_0/qpjvaawita61qekdzbi8/heidi-opening-video.jpg

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

1a213d128d80e2c7f00a736e28482bb22a47f4c6c95c0fb44002e55544334b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2024 22:07:47 GMT
server: Cloudinary
etag: "fc3034fdd5278d6ff27080f68a9930b0"
vary: Accept,User-Agent,Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
server-timing: cld-akam;dur=316;cpu=34;start=2024-08-15T04:14:34.432Z;desc=miss,rtt;dur=38,content-info;desc="width=1894,height=1000,bytes=217511,owidth=1894,oheight=1000,obytes=189039,ef=(12,18,41,63,69)",cloudinary;dur=189;start=2024-08-15T04:14:34.508Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 217511

GET
H2 200 email-decode.min.js Show response
heididerusso.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
852 B 48ms
43ms Script
application/javascript 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heididerusso.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2024 09:35:25 GMT
server: cloudflare
etag: W/"66b33fdd-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b365bc93afa9745-FRA
expires: Sat, 17 Aug 2024 04:14:34 GMT

GET
H2 404 dummy-map_zkxabi.png
res.cloudinary.com/dvgalsdp3/image/upload/v1668765837/ 0
370 B 54ms
50ms Image
text/html 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dvgalsdp3/image/upload/v1668765837/dummy-map_zkxabi.png

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
server: Cloudinary
x-cld-error: Resource not found
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
cache-control: private, no-transform, max-age=0, no-cache
content-transfer-encoding: binary
content-disposition: inline
server-timing: cld-akam;dur=5;start=2024-08-15T04:14:34.431Z;desc=synth,rtt;dur=38
accept-ranges: bytes
timing-allow-origin: *
content-length: 0

GET
H2 200 vertical-colored-brokerage-logo
res.cloudinary.com/luxuryp/images/w_320,c_limit,f_auto,q_auto/r3zobxskpvjvfgdfw4xo/ 13 KB
14 KB 247ms
243ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_320,c_limit,f_auto,q_auto/r3zobxskpvjvfgdfw4xo/vertical-colored-brokerage-logo

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

6a11769400f5e1356cca887319dfd120b99dcb9e17090937d76c1768c807a046

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="vertical-colored-brokerage-logo"
server-timing: cld-akam;dur=168;cpu=25;start=2024-08-15T04:14:34.431Z;desc=miss,rtt;dur=38,content-info;desc="width=320,height=210,bytes=13724,owidth=400,oheight=262,obytes=19551,ef=(1,11,13,17,97)",cloudinary;dur=56;start=2024-08-15T04:14:34.492Z
content-length: 13724
last-modified: Thu, 21 Mar 2024 12:09:29 GMT
server: Cloudinary
etag: "989c93a49737276920633fa8462d6796"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 realtor-eho-logo-07232021-update-dark
res.cloudinary.com/luxuryp/images/f_auto,q_auto/g5qzbyky8ifp5w0ex0ik/ 6 KB
7 KB 54ms
51ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/f_auto,q_auto/g5qzbyky8ifp5w0ex0ik/realtor-eho-logo-07232021-update-dark

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

61b889d7da1be3b7b3bf27c4e66b47dbb6169b1e6d291ff6ae483203a1856de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="realtor-eho-logo-07232021-update-dark"
server-timing: cld-akam;dur=6;start=2024-08-15T04:14:34.431Z;desc=hit,rtt;dur=38,content-info;desc="width=355,height=184,owidth=355,oheight=184,obytes=6344"
content-length: 6254
last-modified: Fri, 23 Jul 2021 00:41:04 GMT
server: Cloudinary
etag: "584c9e8e8c4d17b2dd9f81568298efc2"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 group-2147206425-1-1
res.cloudinary.com/luxuryp/images/f_auto,q_auto/xegvmklr9oqvwdh6zxer/ 3 KB
3 KB 55ms
52ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/f_auto,q_auto/xegvmklr9oqvwdh6zxer/group-2147206425-1-1

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

ecf174bb4dd8459505a55bfe90cd9bd86a28b2a3a2a5af1d4a4a58f109a54d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="group-2147206425-1-1"
server-timing: cld-akam;dur=6;start=2024-08-15T04:14:34.431Z;desc=hit,rtt;dur=38,content-info;desc="width=390,height=140,owidth=390,oheight=140,obytes=3242"
content-length: 2710
last-modified: Tue, 20 Dec 2022 14:50:37 GMT
server: Cloudinary
etag: "26318e0ab9593c8a098ac21cf78c4d6d"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
49 KB 149ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acbf35a5085663bb2d476a239bc2c7f7396df0d8c1387f6f6dd8e892995f4bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49823
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 85 KB
27 KB 90ms
49ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 516669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27446
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64ed75bb-6b36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfD61otlI0WVXB7eMpmMxNxAR7lSe9g8qn%2BEpFQdhMI075roOTAX2x9sHV9fLQKmU%2F0urHkPz2GYG0Fk0Tcj1rf2hYGeKFYWiTEUr%2FKQ%2FcdOIVDrqcmQakRu5suFpwDvUvGlJL3U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc96dce3674-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H3 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.8/ 86 KB
22 KB 53ms
51ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.8/handlebars.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5416f145e7bf16c58504356c732fe7e99671f4696194c5b140a252db02f0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 185988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22421
last-modified: Tue, 01 Aug 2023 23:07:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c9903f-5795"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWldo74lAmtR9syuzXnWs3iPSVbmqcC%2B0iPfDFZd1sBO9Ce2mMPGfdkYQQe5FtC%2BOWI93Dhc5y1xXErBIWGq%2F81x9mwYm3jwLYMN7oN%2FYY7rMTw5%2FfmdLocyxfwiZGXPRbCu7Grt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc92e6f364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H2 200 handlebars-intl.min.js Show response
cdn.jsdelivr.net/npm/handlebars-intl@1.1.2/dist/ 27 KB
8 KB 153ms
55ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/handlebars-intl@1.1.2/dist/handlebars-intl.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b1118bbbb0bb2e70eeee882c915af42927a6255e80578202a5af131b9dc4cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8693599
x-jsd-version: 1.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7885
x-served-by: cache-fra-eddf8230082-FRA, cache-lga21951-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6a82-3IF9dWj5Y8UKuKEfbXv/z98W6Go"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Qr9lULvXtLnBL9v4az56tF68QTkcuCW90HzyPXcpua0NcXhW6BDk%2B7qnFlXqevGpnpuHwzPfnvnsh6z8PI8bp7jVw42BHcTwPSTkFMRTqE%2FD4BEhA16IzgcMakpIAlrAZdQZnANE72heyLL7ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc9cadd1905-FRA

GET
H3 200 superagent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/superagent/4.1.0/ 19 KB
6 KB 94ms
92ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/superagent/4.1.0/superagent.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f01886f4756d9dfa133c5cf97d45c4db68d2684df43fc4a5759f9101607d27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5203
last-modified: Mon, 04 May 2020 16:16:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fde-4a53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBy7NCvm5VMB6hQC44nPwE%2BJH3y3aR7j0TNZmlYyUUASKPYYYjffTQeRP5Ts6SeZEHzdnhsJ4vw%2BzUu6aARmHCiezrb2oV74dWLYSoEaevabvejTaEtckBM0tVxAy0w42a7WwSZn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc92e70364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 147ms
50ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8871508
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10412
x-served-by: cache-fra-eddf8230096-FRA, cache-lga21927-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0l6lf%2B0LB712gmfQDeOEG46xeDAq4Z7sBam8J%2BiRBS4n6SRWt0lPP9FOF1lbFM93vmot2kNQutvvlGR%2BwErzMqV6SKzjdkGQz4GOJWtL9kl%2FBRuX0rs%2BKChl04zS9msV6CKTgSXR%2BUlKv1kvU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc9cada1905-FRA

GET
H3 200 wow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/ 8 KB
3 KB 94ms
92ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 26431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2346
last-modified: Mon, 04 May 2020 16:17:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04033-1ff6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T8DMLBmqQqNLLjiyDXfH9Q6iIPCkZcSwegoBrKjKeCVtsYgsmZRKukhlLrcZbgcOyxZH4YhC3%2FwoZlrM7OsEoZpVkPrH7rUnJl%2F08V6gT1r6eJwWKfAxKUgTrmGmw2c8zqPC3yhC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc92e72364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H3 200 ion.rangeSlider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ 40 KB
8 KB 94ms
92ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 26272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7685
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-a0d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpnDYaJ%2F8v869JndklNOK4QVdFfXU2kpOUnz4t565HUS5QjzfeYxM%2FhlGM0PVLgXVgqPUkiATVY9y4W6q9Ft5YGw0zGj8DIlIvcQ03ML1%2FH8enrlFST8pnBHanaVy9PKlrPnHsT0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bc92e73364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H2 200 libphonenumber.js Show response
d1e1jt2fj4r8r.cloudfront.net/javascript/ 561 KB
110 KB 240ms
44ms Script
application/javascript 2600:9000:223c:5200:f:af14:7ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1e1jt2fj4r8r.cloudfront.net/javascript/libphonenumber.js
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5200:f:af14:7ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63959d6d33fc1b7a0548b67bf45412910235b59888441411ca5ae7513cbf7132

Request headers

Referer: https://heididerusso.com/
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:12:26 GMT
content-encoding: br
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3728
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 14 Jun 2023 14:51:49 GMT
server: AmazonS3
etag: W/"1ac3a7595e15c29e99656c5a16280104"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200, stale-while-revalidate=86400, public
x-amz-cf-id: sax_LFLQKTNjjHJSnnBWlmmi3JLOApuXOdgJgfWaI5U_azwWrJns3w==

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 90 KB
31 KB 158ms
56ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04cc809654e819cddbf3fec6e551fd7e1286e3ee5de5b53f8591f8ed8a18ffef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 intermediate Show response
accounts.google.com/gsi/ 59 KB
21 KB 163ms
60ms Script
application/javascript 2a00:1450:400c:c04::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/intermediate

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48f7a5d0c2e7210b253ac1e736ed60c5d73c25fa744361ea8e13912b6b785277

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--EDHHQFd6zicwULfDcWIGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-security-policy: script-src 'report-sample' 'nonce--EDHHQFd6zicwULfDcWIGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
H2 200 element-bg3
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/z0079qsfwfs2fwvugpfa/ 81 KB
82 KB 394ms
393ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/z0079qsfwfs2fwvugpfa/element-bg3

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

478ea3a022ac586f5047611822e6de6a40420641d085ad53e805932101aba298

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="element-bg3"
server-timing: cld-akam;dur=304;cpu=23;start=2024-08-15T04:14:34.444Z;desc=miss,rtt;dur=38,content-info;desc="width=1920,height=1200,bytes=83210,owidth=2400,oheight=1500,obytes=169366,ef=(1,11,13,17,97)",cloudinary;dur=197;start=2024-08-15T04:14:34.498Z
content-length: 83210
last-modified: Thu, 21 Mar 2024 19:20:42 GMT
server: Cloudinary
etag: "d9b7742f85bcb5f0a97b759fa1a30e4d"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 181ms
84ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:47:59 GMT
x-content-type-options: nosniff
age: 134795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:47:59 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
33 KB 137ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:200,300,400,500,600,700,800,900,200i,300i,400i,500i,600i,700i,800i,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:03:54 GMT
x-content-type-options: nosniff
age: 137440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:03:54 GMT

GET
H2 200 heidi
res.cloudinary.com/luxuryp/images/w_960,c_limit,f_auto,q_auto/v6knyvnzs8scgjkbufwx/ 52 KB
53 KB 217ms
216ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_960,c_limit,f_auto,q_auto/v6knyvnzs8scgjkbufwx/heidi

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

0f4fb98a2b31ccc79061c1ebfb22325e0eaa57c06f0bc7a6d1a4768c9039b018

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="heidi"
server-timing: cld-akam;dur=149;cpu=27;start=2024-08-15T04:14:34.474Z;desc=miss,rtt;dur=38,content-info;desc="width=960,height=960,bytes=53708,owidth=1500,oheight=1500,obytes=125323,ef=(1,11,13,17,97)",cloudinary;dur=35;start=2024-08-15T04:14:34.533Z
content-length: 53708
last-modified: Thu, 21 Mar 2024 00:30:03 GMT
server: Cloudinary
etag: "a891f4a9b97910e7ea827705b28e3015"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 276 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09dbd87e50199b8dcdf8a596746412508efe3d91ca3f84667ee9dfc8a1981f65

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 home-val
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/cl0glxxrpcti0nvv5fii/ 449 KB
450 KB 368ms
367ms Image
image/jpeg 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/cl0glxxrpcti0nvv5fii/home-val

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

4dd9e08bfd3ba9ea0d1b68dfd3ac7be68d59999e19abbd39bd271310a23da7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 19:11:34 GMT
server: Cloudinary
etag: "5dcac42f3cb83d78e1fc16bebb01cfbc"
vary: Accept,User-Agent,Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
server-timing: cld-akam;dur=280;cpu=28;start=2024-08-15T04:14:34.499Z;desc=miss,rtt;dur=39,content-info;desc="width=1920,height=1200,bytes=459929,owidth=2400,oheight=1500,obytes=802379,ef=(1,11,13,17,97)",cloudinary;dur=164;start=2024-08-15T04:14:34.552Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 459929

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5185db493b29e14ea5f7cea7c0cfffa0612e137dd8b96ac5c88940db7d17f287

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 element-bg1
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/ua6lb0ip4s8gaj0jhr2m/ 182 KB
183 KB 270ms
269ms Image
image/jpeg 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/ua6lb0ip4s8gaj0jhr2m/element-bg1

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

ad377d86dc248c406f4c2d312963d73edc9e3e0d477b6a32f84aee9798516c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 14 Apr 2024 19:34:14 GMT
server: Cloudinary
etag: "e561532bb8f78d18bf43b3a0ac2f7a58"
vary: Accept,User-Agent,Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
server-timing: cld-akam;dur=229;cpu=27;start=2024-08-15T04:14:34.493Z;desc=miss,rtt;dur=39,content-info;desc="width=1920,height=1200,bytes=186801,owidth=2400,oheight=1500,obytes=406099,ef=(1,11,13,17,97)",cloudinary;dur=115;start=2024-08-15T04:14:34.559Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 186801

GET
H2 200 work-with-us
res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/zngt2i25k5iu3j6rfjep/ 168 KB
169 KB 288ms
288ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_1920,c_limit,f_auto,q_auto/zngt2i25k5iu3j6rfjep/work-with-us

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

d93d2e0923208d92a6ce68530f6c8b5af84dc780f29dfb66c3d1768bc2576ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="work-with-us"
server-timing: cld-akam;dur=217;cpu=22;start=2024-08-15T04:14:34.507Z;desc=miss,rtt;dur=39,content-info;desc="width=1920,height=1200,bytes=171988,owidth=2400,oheight=1500,obytes=386168,ef=(1,11,13,17,97)",cloudinary;dur=106;start=2024-08-15T04:14:34.566Z
content-length: 171988
last-modified: Thu, 21 Mar 2024 19:11:51 GMT
server: Cloudinary
etag: "5971f05e098131b23e0a730c1bbee39e"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 163ms
114ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:03:19 GMT
x-content-type-options: nosniff
age: 137475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:03:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
88 KB 119ms
106ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9SFQGHZ

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f8bfcff5d9951f4f346ca835aa273102249c31ef5a2887eb4cc1ab5755f4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89779
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54a4df6e10e89480cbfdf5a65997da3fdf2279304cb790984a2624fe77933969

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 997 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 263f5600d11df8306fcb186767f178ac17bd056b0bdd84e6651ffde7f23515cf

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 360 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57317db57b6a661f77a13d9233c4c5ead28a4cb66a2ced2be9394f806c8723e9

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 343 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 823080bad8b3ee1452db5160828232e70a4cbdb2d912a888b90e42208b08a24d

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 115127b2594a2a18a006303cb33578607cc61b5dc4e4614044bfa813f00b1c6d

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 569 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2653b564c8aa7f1e96373fec2705e0279dcdebbb409be468a20d01d2b844a901

Request headers

Referer
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 311 KB
95 KB 274ms
174ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aee9ab2eee7ddd3445603212207916533cccee7385b52500d4042c24df8d950

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: AHxI1nNgr-9_YEbs-TVI3HI741_8hibue7SLy1FGHKkQE4z7p6d7YBtxJxCaZUdHBwyE5_RX3OOZDb7HEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Wed, 14 Aug 2024 08:16:12 GMT
server: cloudflare
etag: W/"3364f6611afb71b3a7a39c075cd0d0a2"
vary: Accept-Encoding
x-goog-hash: crc32c=CYiKsA==, md5=M2T2YRr7cbOno5wHXNDQog==
x-goog-generation: 1723623372232705
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 318526
access-control-expose-headers: *
cf-ray: 8b365bcabd209125-FRA
expires: Fri, 15 Aug 2025 04:14:34 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=rGA/d=0/rs=AN8SPfq2t-Z7AOJAuf3AxICo2ePjXqRMzw/ 22 KB
5 KB 143ms
41ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=rGA/d=0/rs=AN8SPfq2t-Z7AOJAuf3AxICo2ePjXqRMzw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Jh9cpKOqT9A.O/am=rGA/d=1/rs=AN8SPfo50IUqJNR_hW9q5RRLKFwGVQqEVQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 17:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Aug 2025 17:25:23 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Jh9cpKOqT9A.O/am=AAAC/d=1/exm=el_conf/ed=1/rs=AN8SPfqV5R00LdqV1mNiXVHfTUB6nWla7w/ 209 KB
72 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Jh9cpKOqT9A.O/am=AAAC/d=1/exm=el_conf/ed=1/rs=AN8SPfqV5R00LdqV1mNiXVHfTUB6nWla7w/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Jh9cpKOqT9A.O/am=rGA/d=1/rs=AN8SPfo50IUqJNR_hW9q5RRLKFwGVQqEVQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4fad54667a823fab27877882378d0c69054a46534cb3908a77cceb6035ed26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 17:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73505
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 19:12:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Aug 2025 17:46:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JCTZLQK4T3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac54f3eaa0808c5b007de3ddf1bc53e41dd5b785e2f2a6d64fbc3e3c5d1aa1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 04:14:34 GMT

GET
H2 200 modals.html Show response
heididerusso.com/ 17 KB
4 KB 529ms
529ms Fetch
text/html 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/modals.html
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Luxury Presence
Resource Hash: 16263bdb91b70d013a86ad7991719b7830fef415a77b48ada46b95c3323913c1

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 02:48:20 GMT
server: cloudflare
x-amz-request-id: FCBF19DCEZWHJY64
x-powered-by: Luxury Presence
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=600, stale-while-revalidate=1200, public
cf-ray: 8b365bcacc489745-FRA
x-amz-id-2: 7GkS/Te0M8aaCfowmTrvwh2OxI1n1nNwYoagFFABki1kkazxRiZ92pNXXQ2qBoUz0AYv3itK/2o=

GET
H2 200 googleOneTap
bss.luxurypresence.com/buttons/ Frame E175 0
0 476ms
134ms Document
text/html 52.70.228.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bss.luxurypresence.com/buttons/googleOneTap?companyId=d0b2b2fa-438d-4b23-b8b9-d93e1483565a&websiteId=0b749eeb-8d05-46b1-a701-e2458e10cbab&pageId=5dc6353b-e31a-4b19-8a4d-33255de31c7a&sourceUrl=https%3A%2F%2Fheididerusso.com%2F&pageMeta=%7B%22sourceResource%22%3A%22%22%2C%22pageElementId%22%3A%22%22%2C%22pageQueryVariables%22%3A%7B%7D%7D
Requested by: Host: accounts.google.com
URL: https://accounts.google.com/gsi/intermediate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.228.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-228-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://heididerusso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length: 2233
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 04:14:35 GMT
etag: W/"8b9-2BOi/12VkmMpaDfYIn+q0CkNaeQ"
x-powered-by: Express

OPTIONS
H2 200 graphql
gw.luxurypresence.com/ Frame 0
0 445ms
133ms Preflight
text/plain 3.229.152.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.luxurypresence.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.152.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-152-19.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heididerusso.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Accept-Language,Content-Language,Content-Type,X-Requested-With,X-HTTP-Method-Override,x-user-token,apollographql-client-name,apollographql-client-version
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://heididerusso.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 15 Aug 2024 04:14:35 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express

GET
H2 200 divolte.js Show response
t.luxurypresence.com/ 9 KB
4 KB 444ms
124ms Script
application/javascript 3.215.152.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://t.luxurypresence.com/divolte.js
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.152.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-152-181.compute-1.amazonaws.com
Software: divolte /
Resource Hash: ed4803ad16acf93f1a26423adec71636edc87eeba2659af7a86bf4291df8ffa4

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
content-encoding: gzip
server: divolte
etag: "gz+7UgDrRas+T8aJkI63scWNu3IfuuiZZr3qGv0KR34/6Q="
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
content-length: 4125

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 4 KB
4 KB 47ms
47ms Image
image/gif 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ajax-loader.gif

Requested by

Host: styles.luxurypresence.com
URL: https://styles.luxurypresence.com/producer/index.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://styles.luxurypresence.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 527822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3210
last-modified: Sat, 06 Jan 2024 19:26:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65999b3e-c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HL8a1wn6lddw5o%2BPZOe8AkbEUUbqTwkdOF0FCym2%2FpZM8b3iXW2lVe4pXE1GnWPjNhAa%2BhVB6uoLDIg0D0JDLcEpoXLcXwy1XD18WWq85B89kUjB%2Be3oEx%2BwJpIh%2FKyJGg%2F%2BlMnV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bcaef87364a-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H3 200 slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/fonts/ 1 KB
2 KB 49ms
49ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/fonts/slick.woff

Requested by

Host: styles.luxurypresence.com
URL: https://styles.luxurypresence.com/producer/index.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://styles.luxurypresence.com/
Origin: https://heididerusso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1289
last-modified: Sat, 06 Jan 2024 19:26:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65999b41-509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20wXVeN22Gj4iEA6%2F%2BnI2YTAxoKKF1U4pp6aPoKeyPVMu6v8tRL%2BryIr4xoL3lOphAjeiCu3T%2Bos9imB2%2F03EHw7q%2BJEdWf%2FGcHgtrLTQV40IBnliHAGxi5%2BRuspXnRZPiR0MnHe"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b365bcb7f283674-FRA
expires: Tue, 05 Aug 2025 04:14:34 GMT

GET
H2 200 map Show response
heididerusso.com/api/v1/ 39 B
173 B 711ms
711ms Fetch
text/html 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/api/v1/map
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c39b704624edb35c2eb1bd658b09504eaaa750ef36f5232898fa6847f3e8fb6

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8b365bcb5ca49745-FRA

POST
H2 200 graphql Show response
gw.luxurypresence.com/ 85 B
521 B 1177ms
926ms XHR
application/json 3.229.152.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.luxurypresence.com/graphql
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/superagent/4.1.0/superagent.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.152.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-152-19.compute-1.amazonaws.com
Software: / Express
Resource Hash: e8f06b163d949f5165a78342bbf8bfb65b005348930e09a0d61e1c666030902b

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 04:14:36 GMT
x-powered-by: Express
vary: Origin
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heididerusso.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Accept, Accept-Language, Content-Language, Content-Type, X-Requested-With, X-HTTP-Method-Override, x-user-token, apollographql-client-name, apollographql-client-version
content-length: 85

GET
H2

200

main.js Show response
heididerusso.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/ Frame FDA0
Redirect Chain

https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://heididerusso.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

8 KB
4 KB

49ms
48ms

Script
application/javascript

2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heididerusso.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Server

2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6bed2d3f0b21c2bf674e3b33d5998f6b0c73b45e4b6b7f3141b9f3f9d684aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b365bcc0d119745-FRA

Redirect headers

date: Thu, 15 Aug 2024 04:14:34 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b365bcb6ca79745-FRA
content-length: 0

GET
H2 206 heidi-opening-video.webm
res.cloudinary.com/luxuryp/videos/f_webm,vc_vp9,q_auto/qpjvaawita61qekdzbi8/ 4 MB
0 271ms
270ms Media
video/webm 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/luxuryp/videos/f_webm,vc_vp9,q_auto/qpjvaawita61qekdzbi8/heidi-opening-video.webm

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
Content-Range: bytes 0-5392412/5392413
server-timing: cld-akam;dur=229;cpu=24;start=2024-08-15T04:14:34.940Z;desc=miss,rtt;dur=38,content-info;desc="width=1894,height=1000,abps=266082,fps=30.0,du=20.266,vc=\"vp9\",bytes=5392413,owidth=1894,oheight=1000,oabps=272669,ofps=30.0,odu=20.267,ovc=\"h264\",obytes=5526094,oformat=\"mp4\",ef=(18,41,62)",cloudinary;dur=116;start=2024-08-15T04:14:35.001Z
Content-Length: 5392413
last-modified: Mon, 29 Apr 2024 22:08:23 GMT
server: Cloudinary
etag: "a2de8b40fe7e262e40c9e35abdb5b139"
vary: Save-Data
content-type: video/webm;codecs=vp9
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 156ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JCTZLQK4T3&gtm=45je48c0v9183032250za200&_p=1723695274500&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=482249016.1723695275&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723695275&sct=1&seg=0&dl=https%3A%2F%2Fheididerusso.com%2F&dt=Heidi%20DeRusso%20%7C%20Connecticut%20Real%20Estate%20Agent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page=%2F&ep.location=https%3A%2F%2Fheididerusso.com%2F&tfd=1082
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JCTZLQK4T3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 04:14:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heididerusso.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/heididerusso.com/ 164 B
702 B 322ms
226ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/heididerusso.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935bfdbf9036a3c4dcbbc5e76c8313c28321d6d828161fa58f6954822fa905ca

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: AHxI1nMoAkiU4CSkhzyeDV74pdErAP8I8zfLKc5EwNLBG9Z7YxjvmwQ2HAScKEnc16XMNGnhiBeZGsHbrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 19 Apr 2024 00:06:53 GMT
server: cloudflare
etag: W/"23c1ef3ce04aa50a03eaf0953cb20eb0"
vary: Accept-Encoding
x-goog-generation: 1713485213425060
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=y17QLQ==, md5=I8HvPOBKpQoD6vCVPLIOsA==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
cf-ray: 8b365bd16c50bbe9-FRA
expires: Fri, 15 Aug 2025 04:14:35 GMT

POST
H2 200 8b365bc6e98a9745 Show response
heididerusso.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FDA0 0
356 B 106ms
102ms XHR
text/plain 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b365bc6e98a9745
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
server: cloudflare
cf-ray: 8b365bd18c3b9745-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 event
t.luxurypresence.com/ 37 B
232 B 128ms
128ms Image
image/gif 3.215.152.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.luxurypresence.com/event?p=0%3Alzurnuun%3A1P5LlXN6guDMZCQ0THBhyyeJubmVGP~y&s=0%3Alzurnuun%3AcpS4ileN1HSUSWR9wg9pFhjRTS_eMp7X&v=0%3AEUwM41z28jMJeBxbjZ69QC60QoGyC9BL&e=0%3AEUwM41z28jMJeBxbjZ69QC60QoGyC9BL0&c=lzurnuuq&n=t&f=t&l=https%3A%2F%2Fheididerusso.com%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&u=(scompanyId!d0b2b2fa-438d-4b23-b8b9-d93e1483565a!stemplateId!0c2b9641-6f2a-40f2-a2e0-dabc022eb278!swebsiteId!0b749eeb-8d05-46b1-a701-e2458e10cbab!spageId!5dc6353b-e31a-4b19-8a4d-33255de31c7a!(pageMeta!ssourceResource!!spageElementId!!(pageQueryVariables!)))&x=-xs1vte
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.152.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-152-181.compute-1.amazonaws.com
Software: divolte /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 04:14:35 GMT
server: divolte
etag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate
content-length: 37
expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H2 200 main.js Show response
heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame 90AB 8 KB
0 49ms
48ms Script
application/javascript 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Server

2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6bed2d3f0b21c2bf674e3b33d5998f6b0c73b45e4b6b7f3141b9f3f9d684aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b365bcc0d119745-FRA

GET
H2 200 googleOneTap
bss.luxurypresence.com/buttons/ Frame 145E 0
0 143ms
142ms Document
text/html 52.70.228.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bss.luxurypresence.com/buttons/googleOneTap?companyId=d0b2b2fa-438d-4b23-b8b9-d93e1483565a&websiteId=0b749eeb-8d05-46b1-a701-e2458e10cbab&pageId=5dc6353b-e31a-4b19-8a4d-33255de31c7a&sourceUrl=https%3A%2F%2Fheididerusso.com%2F&pageMeta=%7B%22sourceResource%22%3A%22%22%2C%22pageElementId%22%3A%22%22%2C%22pageQueryVariables%22%3A%7B%7D%7D
Requested by: Host: accounts.google.com
URL: https://accounts.google.com/gsi/intermediate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.228.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-228-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://heididerusso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length: 2233
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 04:14:35 GMT
etag: W/"8b9-2BOi/12VkmMpaDfYIn+q0CkNaeQ"
x-powered-by: Express

GET
H2 200 po-up-modal
res.cloudinary.com/luxuryp/images/w_960,c_limit,f_auto,q_auto/yh3osnxeyeuerscyrw4d/ 40 KB
41 KB 226ms
225ms Image
image/webp 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luxuryp/images/w_960,c_limit,f_auto,q_auto/yh3osnxeyeuerscyrw4d/po-up-modal

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

0ac06f4fed4b871711d615f0bcbf9bfd8675324892101c1ddc2f771953439407

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="po-up-modal"
server-timing: cld-akam;dur=184;cpu=23;start=2024-08-15T04:14:35.799Z;desc=miss,rtt;dur=41,content-info;desc="width=960,height=1152,bytes=41360,owidth=2000,oheight=2400,obytes=131780,ef=(1,11,13,17,97)",cloudinary;dur=74;start=2024-08-15T04:14:35.860Z
content-length: 41360
last-modified: Thu, 21 Mar 2024 19:19:15 GMT
server: Cloudinary
etag: "f2de394c09dd6d627be2926d3d34b295"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 317 KB
104 KB 174ms
66ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Requested by

Host: heididerusso.com
URL: https://heididerusso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

93f4559b8fac7ce3601a8026135dac58f0e56bc136308d7a84b9800272ce9673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105985
x-xss-protection: 0

POST
H2 200 8b365bcacc489745 Show response
heididerusso.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 90AB 0
249 B 72ms
68ms XHR
text/plain 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b365bcacc489745
Requested by: Host: heididerusso.com
URL: https://heididerusso.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
server: cloudflare
cf-ray: 8b365bd25cba9745-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 52ms
52ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://heididerusso.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 294 KB
64 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a22bc65dbdd9b6bb8cb744abb8ad227c97112df7c67fbedfcb906c48ae118f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65149
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:13:34 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 180 KB
55 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

902195d22f3a6125b8fb19d41eb66a4fcd2e5733a36c1b79077183dc80a05e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56057
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:00:22 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 98 KB
26 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da504af42d7bc3f3e16adb27a4a0987ddaf5dfc7d9a5128ec32237807261c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26592
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:02:09 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 47 KB
14 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyCIY9-pwOauKk5EeI-LFy4crd3WPVxwv3A&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2dff4d9469bec31be3a332a968a944db84f74ce0207021c487386d7eb7a17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14381
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:59:12 GMT

GET
H2 200 favicon.ico
heididerusso.com/ 33 KB
6 KB 608ms
608ms Other
image/vnd.microsoft.icon 2606:4700::6812:785b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heididerusso.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:785b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Luxury Presence
Resource Hash: ecb36aa8f7008cbd691e0b515ef188fc4bcd584e2c48038276ef5964488b6145

Request headers

Referer: https://heididerusso.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:14:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Apr 2024 23:56:46 GMT
server: cloudflare
x-amz-request-id: W70MD7HP0CG33P1P
x-powered-by: Luxury Presence
etag: W/"5d6bcba44d24ae01ad4cb9e67d0c9066"
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
content-type: image/vnd.microsoft.icon
cache-control: max-age=600, stale-while-revalidate=1200, public
cf-ray: 8b365bd42dea9745-FRA
x-amz-id-2: JqsSDoRAoZL0UNLi2yH/5WAiNoSksm17XNNprrR7GpMbt4wVsg4PCkM40aN/ej4mPQoUVKmiGEc=

GET
H2 206 heidi-opening-video.webm
res.cloudinary.com/luxuryp/videos/f_webm,vc_vp9,q_auto/qpjvaawita61qekdzbi8/ 845 KB
0 0ms
0ms Media
video/webm 2a02:26f0:480:582::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/luxuryp/videos/f_webm,vc_vp9,q_auto/qpjvaawita61qekdzbi8/heidi-opening-video.webm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:582::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

73860bed0f3d1034402513d2a9d1da50b15ee98e652d8e113cf666a895d7b548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heididerusso.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=4527304-

Response headers

date: Thu, 15 Aug 2024 04:14:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2024 22:08:23 GMT
server: Cloudinary
etag: "a2de8b40fe7e262e40c9e35abdb5b139"
vary: Save-Data
content-type: video/webm;codecs=vp9
access-control-allow-origin: *
Content-Range: bytes 4527304-5392412/5392413
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
server-timing: cld-akam;dur=229;cpu=24;start=2024-08-15T04:14:34.940Z;desc=miss,rtt;dur=38,content-info;desc="width=1894,height=1000,abps=266082,fps=30.0,du=20.266,vc=\"vp9\",bytes=5392413,owidth=1894,oheight=1000,oabps=272669,ofps=30.0,odu=20.267,ovc=\"h264\",obytes=5526094,oformat=\"mp4\",ef=(18,41,62)",cloudinary;dur=116;start=2024-08-15T04:14:35.001Z
accept-ranges: bytes
timing-allow-origin: *
Content-Length: 865109

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heididerusso.com/	1970-01-20 22:48:17	Name: __cf_bm Value: aeVON.rQuHP9kd7tdVtkcGowzX4S98xk1Zq1lXJuuE0-1723695274-1.0.1.1-Mlwpr0k5W3Irg.juB9_PX8cOHZ3epzD0N3j9koQnFLrmt0L5sXc2kTIj3e3aEyDSrKM8SXzyO13b05.VBxEXzg
.heididerusso.com/	1970-01-21 00:57:51	Name: _gcl_au Value: 1.1.752710313.1723695275
.heididerusso.com/	1970-01-21 08:24:15	Name: _ga_JCTZLQK4T3 Value: GS1.1.1723695275.1.0.1723695275.0.0.0
.heididerusso.com/	1970-01-21 08:24:15	Name: _ga Value: GA1.1.482249016.1723695275
heididerusso.com/	1970-01-20 22:48:17	Name: _dvs Value: 0:lzurnuun:cpS4ileN1HSUSWR9wg9pFhjRTS_eMp7X
heididerusso.com/	1970-01-21 08:24:15	Name: _dvp Value: 0:lzurnuun:1P5LlXN6guDMZCQ0THBhyyeJubmVGP~y
.heididerusso.com/	1970-01-21 07:33:51	Name: cf_clearance Value: gvEFxrjYjzuAk6GuvvtddW7qavVSL6U6tLV9obD3w5s-1723695275-1.0.1.1-YjBxceLO4Oq0s1ibRi4TY2PlwVAN1QfmhiUZ9h1RqFQzeRRejeVbYWlTTO.TB.O3V8qvn2bvDbEx4oDpvP88wQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://res.cloudinary.com/dvgalsdp3/image/upload/v1668765837/dummy-map_zkxabi.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
acsbapp.com
bss.luxurypresence.com
cdn.acsbapp.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d1e1jt2fj4r8r.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gw.luxurypresence.com
heididerusso.com
maps.googleapis.com
region1.google-analytics.com
res.cloudinary.com
styles.luxurypresence.com
t.luxurypresence.com
translate.google.com
translate.googleapis.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
172.217.18.10
2001:4860:4802:32::36
2600:9000:2156:800:d:c7b9:f540:93a1
2600:9000:223c:5200:f:af14:7ac0:21
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700::6812:785b
2606:4700::6812:bb1f
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::54
2a02:26f0:480:582::523
3.215.152.181
3.229.152.19
52.70.228.248
04cc809654e819cddbf3fec6e551fd7e1286e3ee5de5b53f8591f8ed8a18ffef
09b3c62c8b55e7b38b7f5331a887e683a51839502a44d81344291a69a1a7feb3
09dbd87e50199b8dcdf8a596746412508efe3d91ca3f84667ee9dfc8a1981f65
0ac06f4fed4b871711d615f0bcbf9bfd8675324892101c1ddc2f771953439407
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e5416f145e7bf16c58504356c732fe7e99671f4696194c5b140a252db02f0af
0f4fb98a2b31ccc79061c1ebfb22325e0eaa57c06f0bc7a6d1a4768c9039b018
115127b2594a2a18a006303cb33578607cc61b5dc4e4614044bfa813f00b1c6d
16263bdb91b70d013a86ad7991719b7830fef415a77b48ada46b95c3323913c1
1a213d128d80e2c7f00a736e28482bb22a47f4c6c95c0fb44002e55544334b37
1da504af42d7bc3f3e16adb27a4a0987ddaf5dfc7d9a5128ec32237807261c1b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263f5600d11df8306fcb186767f178ac17bd056b0bdd84e6651ffde7f23515cf
2653b564c8aa7f1e96373fec2705e0279dcdebbb409be468a20d01d2b844a901
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
478ea3a022ac586f5047611822e6de6a40420641d085ad53e805932101aba298
48f7a5d0c2e7210b253ac1e736ed60c5d73c25fa744361ea8e13912b6b785277
4dd9e08bfd3ba9ea0d1b68dfd3ac7be68d59999e19abbd39bd271310a23da7e3
5185db493b29e14ea5f7cea7c0cfffa0612e137dd8b96ac5c88940db7d17f287
54a4df6e10e89480cbfdf5a65997da3fdf2279304cb790984a2624fe77933969
57317db57b6a661f77a13d9233c4c5ead28a4cb66a2ced2be9394f806c8723e9
5f01886f4756d9dfa133c5cf97d45c4db68d2684df43fc4a5759f9101607d27e
61b889d7da1be3b7b3bf27c4e66b47dbb6169b1e6d291ff6ae483203a1856de9
63959d6d33fc1b7a0548b67bf45412910235b59888441411ca5ae7513cbf7132
67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f
6a11769400f5e1356cca887319dfd120b99dcb9e17090937d76c1768c807a046
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
73860bed0f3d1034402513d2a9d1da50b15ee98e652d8e113cf666a895d7b548
7aee9ab2eee7ddd3445603212207916533cccee7385b52500d4042c24df8d950
823080bad8b3ee1452db5160828232e70a4cbdb2d912a888b90e42208b08a24d
83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
8a2dff4d9469bec31be3a332a968a944db84f74ce0207021c487386d7eb7a17d
8c39b704624edb35c2eb1bd658b09504eaaa750ef36f5232898fa6847f3e8fb6
902195d22f3a6125b8fb19d41eb66a4fcd2e5733a36c1b79077183dc80a05e8b
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
935bfdbf9036a3c4dcbbc5e76c8313c28321d6d828161fa58f6954822fa905ca
93f4559b8fac7ce3601a8026135dac58f0e56bc136308d7a84b9800272ce9673
9b1118bbbb0bb2e70eeee882c915af42927a6255e80578202a5af131b9dc4cab
9c3444b55eda467197cee45a1775c2775f2a70aaf51350348c399be94e586b18
9c4fad54667a823fab27877882378d0c69054a46534cb3908a77cceb6035ed26
9ec6161aa26451b2e385358cb68024a9261bc2a6e9bdc92db3c692883574f8c9
a0a22bc65dbdd9b6bb8cb744abb8ad227c97112df7c67fbedfcb906c48ae118f
ac54f3eaa0808c5b007de3ddf1bc53e41dd5b785e2f2a6d64fbc3e3c5d1aa1db
acbf35a5085663bb2d476a239bc2c7f7396df0d8c1387f6f6dd8e892995f4bbb
ad377d86dc248c406f4c2d312963d73edc9e3e0d477b6a32f84aee9798516c75
b6f84f70ede76be7005e3e398b50e42edabe0aa98eb4e5cbb7efbaf0434923e5
b99aca0ebe0a663b6ffa1450b70ead7616dd468076e0135e7655785d38169486
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d7f8bfcff5d9951f4f346ca835aa273102249c31ef5a2887eb4cc1ab5755f4f7
d93d2e0923208d92a6ce68530f6c8b5af84dc780f29dfb66c3d1768bc2576ad9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8f06b163d949f5165a78342bbf8bfb65b005348930e09a0d61e1c666030902b
ecb36aa8f7008cbd691e0b515ef188fc4bcd584e2c48038276ef5964488b6145
ecf174bb4dd8459505a55bfe90cd9bd86a28b2a3a2a5af1d4a4a58f109a54d7b
ed4803ad16acf93f1a26423adec71636edc87eeba2659af7a86bf4291df8ffa4
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
fc6bed2d3f0b21c2bf674e3b33d5998f6b0c73b45e4b6b7f3141b9f3f9d684aa
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

heididerusso.com Open in urlscan Pro 2606:4700::6812:785b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

76 %IPv6

12 Domains

20 Subdomains

22 IPs

4 Countries

2449 kBTransfer

10579 kBSize

7 Cookies

8 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heididerusso.com Open in urlscan Pro
2606:4700::6812:785b Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

76 %
IPv6

12
Domains

20
Subdomains

22
IPs

4
Countries

2449 kB
Transfer

10579 kB
Size

7
Cookies

63 HTTP transactions
8 data transactions