www.heronfinance.com Open in urlscan Pro
2606:4700:20::681a:5a7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.clkmg.com/wellput-io/130980lyhitrh2/v2-r4181-p130980-c1318/International%20Intrigue///
Effective URL:
https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=...
Submission: On July 23 via manual (July 23rd 2024, 12:39:11 pm UTC) from IN — Scanned from US

Summary HTTP 79 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2606:4700:20::681a:5a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heronfinance.com.
TLS certificate: Issued by WE1 on July 20th 2024. Valid for: 3 months.

This is the only time www.heronfinance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.236.11.165 44.236.11.165	16509 (AMAZON-02) (AMAZON-02)
1 1	34.198.147.111 34.198.147.111	14618 (AMAZON-AES) (AMAZON-AES)
4 53	2606:4700:20:... 2606:4700:20::681a:5a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.249.190.85 13.249.190.85	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:ec0... 2600:1408:ec00:1e::1735:23ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 8	13.58.10.93 13.58.10.93	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	18.161.34.8 18.161.34.8	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c07::8a	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.210.212.221 54.210.212.221	14618 (AMAZON-AES) (AMAZON-AES)
79	18

1 44.236.11.165 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-11-165.us-west-2.compute.amazonaws.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.147.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-147-111.compute-1.amazonaws.com

wellput.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2606:4700:20::681a:5a7 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.heronfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.190.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-85.bos50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:1e::1735:23ea (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.58.10.93 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-10-93.us-east-2.compute.amazonaws.com

v1.slise.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.161.34.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-8.bos50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.212.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-212-221.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	heronfinance.com 4 redirects www.heronfinance.com	714 KB
9	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	4 KB
8	slise.xyz 1 redirects v1.slise.xyz — Cisco Umbrella Rank: 291987	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3241 alb.reddit.com — Cisco Umbrella Rank: 1969	761 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 7846	283 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1561	13 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 5025 api-iam.intercom.io — Cisco Umbrella Rank: 5121	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	202 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	258 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 6679	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	go2cloud.org 1 redirects wellput.go2cloud.org	2 KB
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 382626	1 KB
79	16

	Domain	Requested by
53	www.heronfinance.com	4 redirects www.heronfinance.com static.cloudflareinsights.com
8	v1.slise.xyz	1 redirects www.heronfinance.com
6	px.ads.linkedin.com	4 redirects www.heronfinance.com
2	www.facebook.com
2	js.intercomcdn.com	widget.intercom.io
2	connect.facebook.net	www.heronfinance.com connect.facebook.net
2	www.redditstatic.com	www.googletagmanager.com www.heronfinance.com
2	www.googletagmanager.com	www.heronfinance.com www.googletagmanager.com
2	px4.ads.linkedin.com
1	api-iam.intercom.io	www.heronfinance.com
1	alb.reddit.com
1	pixel-config.reddit.com	www.heronfinance.com
1	www.google-analytics.com	www.heronfinance.com
1	utt.impactcdn.com	www.heronfinance.com
1	snap.licdn.com	www.heronfinance.com
1	widget.intercom.io	www.heronfinance.com
1	static.cloudflareinsights.com	www.heronfinance.com
1	www.linkedin.com	1 redirects
1	wellput.go2cloud.org	1 redirects
1	www.clkmg.com	1 redirects
79	20

This site contains links to these domains. Also see Links.

Domain
heronfinance.com
help.heronfinance.com
jobs.lever.co
app.heronfinance.com

Subject Issuer	Validity	Valid
heronfinance.com WE1	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-01` - `2024-07-30`	3 months	crt.sh
utt.impactcdn.com WR3	`2024-06-20` - `2024-09-18`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
v1.slise.xyz R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Frame ID: 36E11E01BF5BF77CD20D990BE84B53FD
Requests: 73 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.51972aa2.js
Frame ID: C00262462EA953B83602AFA4C3AB7B23
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heron Finance

Page URL History Show full URLs

https://www.clkmg.com/wellput-io/130980lyhitrh2/v2-r4181-p130980-c1318/International%20Intrigue/// HTTP 302
https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=v2-r4181-p130980-c1318&aff_sub2=Internatio... HTTP 302
https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium... Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

79
Requests

90 %
HTTPS

47 %
IPv6

16
Domains

20
Subdomains

18
IPs

1
Countries

1342 kB
Transfer

3668 kB
Size

22
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://heronfinance.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://help.heronfinance.com/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://jobs.lever.co/WarblerLabs
Title: Careers

Search URL Search Domain Scan URL

URL: https://app.heronfinance.com/account/login/
Title: Sign in

Search URL Search Domain Scan URL

URL: https://app.heronfinance.com/account/create
Title: Get started

Search URL Search Domain Scan URL

URL: https://heronfinance.com/blog/our-approach-to-liquidity/
Title: Learn more about it

Search URL Search Domain Scan URL

URL: https://heronfinance.com/blog/how-to-invest-in-private-credit/
Title: Read more

Search URL Search Domain Scan URL

URL: https://heronfinance.com/blog/why-blockchain-how-heron-finances-investors-benefit-from-blockchain-technology/

Search URL Search Domain Scan URL

URL: https://heronfinance.com/blog/no-crypto-no-problem-why-investors-on-heron-finance-dont-need-crypto-experience/

Search URL Search Domain Scan URL

URL: https://heronfinance.com/blog/private-credit-what-are-the-risks/
Title: Learn more about private credit risks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.clkmg.com/wellput-io/130980lyhitrh2/v2-r4181-p130980-c1318/International%20Intrigue/// HTTP 302
https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=v2-r4181-p130980-c1318&aff_sub2=International+Intrigue&aff_sub3=&aff_sub4=&aff_sub5=&aff_click_id=&offer_id=143 HTTP 302
https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif HTTP 302
https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D5869618%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJHBr8xFV3QCQAAAZDfmj6RNhTU2A1gw1330Nactqt7iTLmyUoDSoO2aZZpnCa7MvX5Mg

Request Chain 39

https://www.heronfinance.com/api/ingest/decide/?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64 HTTP 308
https://www.heronfinance.com/api/ingest/decide?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64

Request Chain 40

https://www.heronfinance.com/api/ingest/e/?ip=1&_=1721738345758&ver=1.130.1&compression=base64 HTTP 308
https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738345758&ver=1.130.1&compression=base64

Request Chain 48

https://v1.slise.xyz/scripts/pix3l.js HTTP 307
https://v1.slise.xyz/scripts/pix3l.f8c44e08eaaef89dcc68.production.js

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318&e_ipv6=AQLv0VMaMBAbGAAAAZDfmj9CTVg8kYfm3cvZeafPV64FPtUmIZF1DNr7emTuacaZ6fdtYQ

Request Chain 60

https://www.heronfinance.com/api/ingest/api/surveys/?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1 HTTP 308
https://www.heronfinance.com/api/ingest/api/surveys?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1

Request Chain 76

https://www.heronfinance.com/api/ingest/e/?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js HTTP 308
https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heronfinance.com/
Redirect Chain

https://www.clkmg.com/wellput-io/130980lyhitrh2/v2-r4181-p130980-c1318/International%20Intrigue///
https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=v2-r4181-p130980-c1318&aff_sub2=International+Intrigue&aff_sub3=&aff_sub4=&aff_sub5=&aff_click_id=&offer_id=143
https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318

147 KB
22 KB

493ms
301ms

Document
text/html

2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

ab0c659c5ac7cdf587898b12640c848a3ae6d6e4dd61ab3c1b6978f2940d8778

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a7bbb30bb4b2eb7-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 12:39:05 GMT
link: </_next/static/media/0d4f340eb04bcaf2-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/2ef437677851b4e5-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/413845fc27dec603-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/4e28792240cfb706-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/a2e43d7f816f4e09-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtosRgGdaPqkm9yDG1D5x0jPm6GjDyvZmOGrbTCrkngI5aZeK9jfj1KTjinfqmc36UrRS7FPwiroSlMOwhEHWkmopGKZiOZ8JtZ7dXzEd6akADN8xs3crEQXYdpMUnzwWYNsTPY07C816jdNhIogSmdS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path: /
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: sfo1::iad1::nqqbr-1721738345116-e7cd49b8a95c

Redirect headers

Accept-CH: Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 23 Jul 2024 12:39:04 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.heronfinance.com?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 1021a6e0aa5f2e8f70ebb084c8a084
X-Request-Id: 2e449ca138d1e8f3c8e0f3107d32327a

GET
H2 200 0d4f340eb04bcaf2-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
47 KB 76ms
74ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/0d4f340eb04bcaf2-s.p.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1347d9ce51be7b9396d657e1ad1a55d205c4822572c9f8a9a1c5e6b9889a534

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="0d4f340eb04bcaf2-s.p.woff2"
content-length: 48054
x-vercel-id: sfo1::zv9gr-1714166960884-6cb45ac9364f
server: cloudflare
x-matched-path: /_next/static/media/0d4f340eb04bcaf2-s.p.woff2
etag: "27454052007e66ce9ffea75429bbcb33"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSFxEuGcrC0NuuzO9tFOKG6NugawBPyAF3ddaK1PsYG1c29fKgsmK7XZ0f1Qwvp7gxz1JiDpwCSzPYev%2BmPT97Gxqu4uxyjt6RHX73xOkXr2em7BmvEGroFdggBTJ5Lcg8jeSg1U9krPU0xrkiB%2FZqPc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdb92eb7-LAX

GET
H2 200 2ef437677851b4e5-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
48 KB 142ms
141ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/2ef437677851b4e5-s.p.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c28f84d700d4fff8a6b60f531fc0404ff07337a9860fbb267d277658430bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687699
content-disposition: inline; filename="2ef437677851b4e5-s.p.woff2"
content-length: 48445
x-vercel-id: sfo1::8s4lh-1720050646469-a7884c433b09
server: cloudflare
x-matched-path: /_next/static/media/2ef437677851b4e5-s.p.woff2
etag: "738937703493b0a3a317475099129245"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrJLYAkzyiLRLN81NTI9eguzD8oE4V7EDgPDILjuqVdhR3eKdjcPPIZi7qml0YBilObjwqllHND%2B8fCQQMAx4RHWXqPQ5qDrgNp6qKmQB2eKOThlhDB90EP%2FhDjQRSG%2FBb%2FdSTR5cyN30Y2rgC%2BESIaF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdba2eb7-LAX

GET
H2 200 413845fc27dec603-s.p.woff2
www.heronfinance.com/_next/static/media/ 44 KB
44 KB 139ms
138ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/413845fc27dec603-s.p.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ecf11dbbb6026fc363228c30df6822ba248c67782250b4b50a48823e6e8d75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="413845fc27dec603-s.p.woff2"
content-length: 44620
x-vercel-id: sfo1::9sszb-1714166960895-022a2f1fd262
server: cloudflare
x-matched-path: /_next/static/media/413845fc27dec603-s.p.woff2
etag: "866dd488d2ea0f9efc163dda970ab176"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7Th9Q5AVmEp0608unakn9UfGgmW98cQUqwb8cCf0vvE8GTjxMNf6o%2BpkEcwxRne6EaG%2Bt%2BI00PWfMFbZv1yuchlXVoti6sbt9AtJzRofLMeFS%2BIPHYPP0Xwj7Jkq6UuqsFnoLrsSQcY26BxsoC%2BmaZf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdbd2eb7-LAX

GET
H2 200 4e28792240cfb706-s.p.woff2
www.heronfinance.com/_next/static/media/ 45 KB
45 KB 139ms
138ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/4e28792240cfb706-s.p.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748e2353ab2ae772a2c6515b5277598872db141dab94c0a0a9baa0a94b3fb7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="4e28792240cfb706-s.p.woff2"
content-length: 46031
x-vercel-id: sfo1::nllnl-1714166960894-1411ed76b2fa
server: cloudflare
x-matched-path: /_next/static/media/4e28792240cfb706-s.p.woff2
etag: "4a2a7f5697143c7051473a3083b8f466"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCRqvF%2F750ijhwRFCPKBhO4NEKT1Y64cloSn1buEKd15hErZAKo8G4aTi2kHL9WM63YfDEuOEiF%2BxCiN36Z7fm3v1aOM4amB6UMVPfjMMYpC1O57Zc502P%2BTTxKUEgvS3%2B8ciRgfen4XJzztPE8kysfm"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc02eb7-LAX

GET
H2 200 a2e43d7f816f4e09-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
47 KB 73ms
72ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/a2e43d7f816f4e09-s.p.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd362131b4f6270404e2a90a6d710b86e888de0b2a79094fcb7c16a66e51f130

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="a2e43d7f816f4e09-s.p.woff2"
content-length: 47878
x-vercel-id: sfo1::sx9wx-1714166960894-1cbb1854b171
server: cloudflare
x-matched-path: /_next/static/media/a2e43d7f816f4e09-s.p.woff2
etag: "7d3dc0df1e15efc86cae83b7e6ad0a28"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRekZr1K6%2BYQYCnPqGHsn29nUQ26YfFhyRimO57aoCvR41JQ8S4Z30Ec4RKtZnzXgGncHzW3jN%2BlrrSkufh9kahZc6wWbTqsI3R4aJCECLaDX3HycFhwis%2Fr6z97BzrStA1%2FmhJBL2kYSZvIRxHkTFzG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc12eb7-LAX

GET
H2 200 c9a5bc6a7c948fb0-s.p.woff2
www.heronfinance.com/_next/static/media/ 45 KB
46 KB 139ms
137ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10948871
content-disposition: inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
content-length: 46552
x-vercel-id: sfo1::vrbvm-1710789474093-c8f3195bbe6a
server: cloudflare
x-matched-path: /_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag: "74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGfBoDqEiuMZNv8jwNfOY8P17Q4BMH%2FZwIxP3slqjEK4HU%2BVEA8YXvtXinjNPbHZaYXluQf8HlNrf9dJo5GN0Ytv8gJypmZlUPPSmIlb5Nl%2F1n%2BUg9AmM4gOe8bzApsopl4vH9HR6jo0KvZVXoZqCAyc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc32eb7-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 6 KB
7 KB 140ms
138ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fheron-flying.6d847a30.png&w=96&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d68c370635e8ae56145a514ca9e71f2557680492ff90783a7389f2edebcace4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130500
x-vercel-imgsrc: 501da2a6edf1eb231422e3e4b6fd91c6
content-disposition: inline; filename="heron-flying.webp"
content-length: 6466
last-modified: Mon, 22 Jul 2024 00:24:05 GMT
x-vercel-id: sfo1::m6x5s-1721738345421-40d8614f0535
server: cloudflare
x-matched-path: /_next/static/media/heron-flying.6d847a30.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGFkciPTTfVwYcAHSSo9A%2B%2FlKhkYW%2BGT%2Fq2QwaqpHD%2FdETclPOiQk0wdFBxMOX2mrWsWiz%2FRGezqjzDg%2FBlLMyTcBxurL3iMEwnHXxScjCc0eugQ1%2B72WaRdbi1j9Ut5tibi%2BU7BDHo%2ByRQl6hXOgNN0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc42eb7-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 54 KB
55 KB 199ms
197ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fheron-flying.6d847a30.png&w=828&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cada67cac67b5da60515480c948ac320b11e304881910cde6ba464db9e3df76e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2553715
x-vercel-imgsrc: 501da2a6edf1eb231422e3e4b6fd91c6
content-disposition: inline; filename="heron-flying.webp"
content-length: 55226
last-modified: Sun, 23 Jun 2024 23:17:09 GMT
x-vercel-id: sfo1::nqqbr-1721738345421-425dfa8d6afa
server: cloudflare
x-matched-path: /_next/static/media/heron-flying.6d847a30.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwAFRkLBZjfIquZhvZXcxtNQ%2BEEKt8aBIBXYSBW4Yq3XiPIjzblerNAUobaJQ3svPCDSbSQ3%2Fix73BJuldUzbpYRzJTFKuN47p99pzn2S96gmloO0ckrbY8be5ccnwe9kA8U5%2BmgmuIwZV3sGzO%2F%2BG5l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc62eb7-LAX

GET
H2

200

/
px4.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif
https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D5869618%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJHBr8xFV3QCQAAAZDfmj6RNhTU2A1gw1330Nactqt7iTLmyUoDSoO2aZZpnCa7MvX5Mg

43 B
580 B

394ms
258ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJHBr8xFV3QCQAAAZDfmj6RNhTU2A1gw1330Nactqt7iTLmyUoDSoO2aZZpnCa7MvX5Mg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C36693C0830E47379C113EAF86C90E46 Ref B: LAX311000115019 Ref C: 2024-07-23T12:39:06Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAYd6XKKUHUbqVg51ge/0A==

Redirect headers

date: Tue, 23 Jul 2024 12:39:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D034E0BB1C8247ACAB064494ED9BCC50 Ref B: LAX311000110029 Ref C: 2024-07-23T12:39:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect/?pid=5869618&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJHBr8xFV3QCQAAAZDfmj6RNhTU2A1gw1330Nactqt7iTLmyUoDSoO2aZZpnCa7MvX5Mg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYd6XKENgLTDVS9qV0A2g==

GET
H2 200 4f702b3c8168d883.css
www.heronfinance.com/_next/static/css/ 83 KB
16 KB 139ms
138ms Stylesheet
text/css 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/css/4f702b3c8168d883.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4557a2c25c2b046d58cae18edb4919bd11ba11fc12b9837ebf991bd014595c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74815
content-disposition: inline; filename="4f702b3c8168d883.css"
x-vercel-id: sfo1::47vd8-1721663530575-d116e06706f7
server: cloudflare
x-matched-path: /_next/static/css/4f702b3c8168d883.css
etag: W/"b50ecf8a8385875e7d381e2f212a250e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWKigrJM54HeomV1%2FlpjpewW63XCh9uzeN1DYEG12hbONc53eT33dn6lCCrKkvFRLQ6Q8HlI0ZdfDH%2Bx1EblOYnWMAVxyu7ENY%2BYl9dGIGHC8YtEx%2FoJbkH1hNIKsMrAcY3nu%2FT0aXUin8OCU1q8Ukqm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb32cdc22eb7-LAX

GET
H2 200 webpack-23589b2ea0f5791d.js Show response
www.heronfinance.com/_next/static/chunks/ 4 KB
2 KB 115ms
108ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/webpack-23589b2ea0f5791d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e186074bb84ddc4a49c6e9c8c0559c963b4d52ed36b25c8fd954c994ee7cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 768093
content-disposition: inline; filename="webpack-23589b2ea0f5791d.js"
x-vercel-id: sfo1::kklbl-1720970252103-555ae3ee8df7
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-23589b2ea0f5791d.js
etag: W/"bc0fb3ba58e143eacab91b94edf9b227"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UOFhTAaEmMkkCN%2FxhVWudGG8Bk%2FcqCd4cRaqgzxRQoOiA0WkfcQWU5llwA6D0412rX3EaGT%2Bpbl3EXduXviwrhrYhx1X0Cd6nK3sm%2FYtzxgUMM3qJzxt4vzZSO2I2FR2CaBe7nKDv9Dz3Gk18v29pOv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb32fdef2eb7-LAX

GET
H2 200 1dd3208c-cd5a8946e72cbe92.js Show response
www.heronfinance.com/_next/static/chunks/ 169 KB
53 KB 175ms
167ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de8b2c1179ef2d6bfd0875c59befbf1b08be0a6d16822635dac549e257ee5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1696271
content-disposition: inline; filename="1dd3208c-cd5a8946e72cbe92.js"
x-vercel-id: sfo1::n77tj-1720042074451-de8250e3887c
server: cloudflare
x-matched-path: /_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
etag: W/"561c66a5e0132fc3c434f2ccad840113"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaR0kSYjTcPz5cY1SrhJINP1Lyh31oN1IgDVcfDH3H5zeY61elNqyBLUhC%2Bk2zvTL6YjpVqTIRwqthD6up8U0l66lxKSJ0hNw18wzUUMCQxY0JEiRF98rKzwURQh6QWDSAU8Bn9l9sGZ6YhZIm%2F6V9um"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e162eb7-LAX

GET
H2 200 286-8a2a2615f3db111d.js Show response
www.heronfinance.com/_next/static/chunks/ 121 KB
32 KB 173ms
166ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/286-8a2a2615f3db111d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b80f4c62b364a2460d0af32d91fd043ce44cc66632692c94b6c353261384b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1082639
content-disposition: inline; filename="286-8a2a2615f3db111d.js"
x-vercel-id: sfo1::kcqdx-1720655706539-67664806b332
server: cloudflare
x-matched-path: /_next/static/chunks/286-8a2a2615f3db111d.js
etag: W/"edcd3bd3797016a48aeb3f4bc3d256ab"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhvCOcSHSaU3%2FU2ooHqFS676BeBBWXLL6LsBa6KdBLKP392NCLRIxWmiACBv9OuJPARcdkHyswyC3hprPKyMI%2F%2Bv7j9hlzVMgWA%2BzH%2F8UFAgmIQpGUHVsgxRc8%2BXVC2FglBJ5hU5ZA6u%2BUEjzBC8lgLP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e172eb7-LAX

GET
H2 200 main-app-733bf33406ba01c2.js Show response
www.heronfinance.com/_next/static/chunks/ 471 B
694 B 115ms
108ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/main-app-733bf33406ba01c2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebe62c9b77633ef4a636212371adeca54ad92f4085e9dedeb11758a11c26e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4117887
content-disposition: inline; filename="main-app-733bf33406ba01c2.js"
x-vercel-id: sfo1::7t9bt-1717620458376-94bea8063051
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-733bf33406ba01c2.js
etag: W/"4644c4904ee480a0529e3dd50dbd35a1"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qh59srAkGTBnuNM1d76opXlmb0lnqE%2B2ZZ0iyUb%2Ft7YO6F5VVhZ4WYbS%2B1gnvFtnn53dUtUqVX5NNOlzROrZRQtCYjDLLJKrWZ45R75iWmIyRgia25QV33ZjeVDZyRsdfNNVLkHr3PsCf1dCLUh4dhus"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e1a2eb7-LAX

GET
H2 200 469-d7d5f2c6b869be83.js Show response
www.heronfinance.com/_next/static/chunks/ 20 KB
7 KB 173ms
167ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/469-d7d5f2c6b869be83.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91da4a94210307f39d66c835f402f99956eea49d85d64cb0d47f98bc08c49ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3680720
content-disposition: inline; filename="469-d7d5f2c6b869be83.js"
x-vercel-id: sfo1::pjvgl-1718057625606-f1b3ada2ed65
server: cloudflare
x-matched-path: /_next/static/chunks/469-d7d5f2c6b869be83.js
etag: W/"6420f983429c067acf9a58864b5a7e48"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAnutZku8vXoTqNiSxBhyOI%2F4dn3yvMERR4R0geC%2BL4vhOQelp97cloLFPQmKRb3MYXAZl1%2BiL2GgE8jDT6j5XpcMR9O3ToXdLa0MvvR%2F0rrDLAtE%2FtCL90SiKPkUI6eieVGh1tZH1I8p0o3TM4BEKPi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e1c2eb7-LAX

GET
H2 200 374-45b004c888619273.js Show response
www.heronfinance.com/_next/static/chunks/ 41 KB
15 KB 174ms
168ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/374-45b004c888619273.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1ce4a862d65402b5a079f450fe0fcec315ba7565247c86ae25f819662ad7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3680720
content-disposition: inline; filename="374-45b004c888619273.js"
x-vercel-id: sfo1::hmth6-1718057625627-ad0e6f7b6f95
server: cloudflare
x-matched-path: /_next/static/chunks/374-45b004c888619273.js
etag: W/"f337fa5015d206066c180569d5ef0f23"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OY2oHfNUp24mb1g1AN4ILYIuyTwp3xH09xaoySc8TdSVHV1h2VQ4rZkhNQd5v6SEJnf4gT8qEMdpRf75%2FbgAfXpXqrNTWTJiYAoS4zP5W1u9pa7zliwcdq6cV19Z2xwHMoHTtc3ct5wqOeuRbBwLwAxF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e1d2eb7-LAX

GET
H2 200 525-97870bd3968f4421.js Show response
www.heronfinance.com/_next/static/chunks/ 9 KB
4 KB 171ms
165ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/525-97870bd3968f4421.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2301eddf6ea01e6c093f7026a75b4b7a95a9e5d87a34fd74b8bdefae6210fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3680720
content-disposition: inline; filename="525-97870bd3968f4421.js"
x-vercel-id: sfo1::g88dv-1718057625938-fa920fdf955e
server: cloudflare
x-matched-path: /_next/static/chunks/525-97870bd3968f4421.js
etag: W/"c3426965c8ecd35d553cf0ff64c62da5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6XJ%2F2CRO4KASmERdAmQo47dwlrgBmApZrwdRZ%2FZTNcxnEteLFXj%2Fm1X8AV%2F0mfdcakVghn5VoMMNTbisebeoEMvJXOUAl%2F6pDPy05Zp0nBJyx5FrM7%2BXZGFDrgaeLbJ3wH5dCr7ptxvC0UYXW2Qe0LNh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e1e2eb7-LAX

GET
H2 200 383-d797cb5c19510615.js Show response
www.heronfinance.com/_next/static/chunks/ 13 KB
5 KB 116ms
110ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/383-d797cb5c19510615.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4daf64a838dd26c6d5caf4c60c0a9416758d2ffd2ec7772d33c2fd67a9001ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1082639
content-disposition: inline; filename="383-d797cb5c19510615.js"
x-vercel-id: sfo1::jkmvn-1720655706547-f16cfb8d5dab
server: cloudflare
x-matched-path: /_next/static/chunks/383-d797cb5c19510615.js
etag: W/"d7d934c659dbecd2be811dded8b24f4a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZhndOa%2BVZCuqYZpy18kgt3RjOiyYQLXawxMhfbOKcWjjy858qwIbKH4DJDaF7TX0Nk9urA0q3p7HGfl6EKQpOQZfIrLAmiiLH0AYAsHU3oqNwmfoj%2Bx98C2V35gacJFkLOYNkCcRG5vnUGCW5Rirsng"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e202eb7-LAX

GET
H2 200 layout-4e0ec1f6e38034f5.js Show response
www.heronfinance.com/_next/static/chunks/app/(standalone)/ 5 KB
2 KB 172ms
167ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/app/(standalone)/layout-4e0ec1f6e38034f5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70b189933d83415921ba9e54475deab3b5ec504e4c46d4933f6d3a5139fc5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 584253
content-disposition: inline; filename="layout-4e0ec1f6e38034f5.js"
x-vercel-id: sfo1::psfpd-1721154092265-b558167ee2e3
server: cloudflare
x-matched-path: /_next/static/chunks/app/(standalone)/layout-4e0ec1f6e38034f5.js
etag: W/"2ed94c3d5c8deee7f4bb12e831d27199"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6CAgnDgbgyH9WyoIpvzJKusLbLxvDQwOzGuKEKwzNPPNmceIOhe31CuVYP2XMsRpYTp38Z9ulqegv18QSqSSySi8tme2%2F27Nm4vE1H9zmwr3PfAxFqaph8IEUwXdnWCOYzNC8xEKcrTGc0p7arrIAkt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e222eb7-LAX

GET
H2 200 658-f4fd9d135fdc1ac6.js Show response
www.heronfinance.com/_next/static/chunks/ 13 KB
6 KB 170ms
166ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/658-f4fd9d135fdc1ac6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f32f54a2b30d8106d20cb8b32b080ec4c10f828242bfaea909d1638c702fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4117887
content-disposition: inline; filename="658-f4fd9d135fdc1ac6.js"
x-vercel-id: sfo1::tpr4r-1717620458376-0934fe4911f3
server: cloudflare
x-matched-path: /_next/static/chunks/658-f4fd9d135fdc1ac6.js
etag: W/"6fb4f421df83e990d418fa0971cd3303"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBeK74rb4g8E0R9%2FQJ%2FSPW%2BDi9znvCShXxXdkXBXJ3udKy%2FazkWDgnEMO%2Be5klM%2FaaynyBJ0ypypP4Xg8wlU7dVRJ6%2B6YHoFWKWGyu6QWuOTVjv%2BOYQr71J4M4KxhwkmT5q68E%2FgsqPahGCkH1jcxa%2BN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e232eb7-LAX

GET
H2 200 96-ba26ee696eff97e2.js Show response
www.heronfinance.com/_next/static/chunks/ 21 KB
9 KB 171ms
166ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/96-ba26ee696eff97e2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5fa9d26c2ea3dcedcd594f0604a42870bf6a0a1d12232c34c61a2dda41bf26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 860489
content-disposition: inline; filename="96-ba26ee696eff97e2.js"
x-vercel-id: sfo1::hjmqg-1720877856276-7dadb322f9bc
server: cloudflare
x-matched-path: /_next/static/chunks/96-ba26ee696eff97e2.js
etag: W/"53e93e49e9d38bff8d10f7a0823156e5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fr3sOVWeMIOrdRGjU9HwpmRe1Zcg2eUIiTyavtaZkMc02MFyxkF87izdY4H4xfPyXfgRcRN8dZnZxeuWVmfpOu5DPapa%2BrZ5%2FMNwRsSd%2BE8BsYquHliXPNRAAHbdLc8jmJLPSzr2sXr5RPcTfF8vbnPD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e242eb7-LAX

GET
H2 200 786-46928bb559d8ac47.js Show response
www.heronfinance.com/_next/static/chunks/ 56 KB
20 KB 172ms
168ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/786-46928bb559d8ac47.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3de913b437482725068457133cbaa236ddd7b2cbf0e8b1df0cebc4bcf7354f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4117887
content-disposition: inline; filename="786-46928bb559d8ac47.js"
x-vercel-id: sfo1::2ttd8-1717620458380-c5989e17ecb7
server: cloudflare
x-matched-path: /_next/static/chunks/786-46928bb559d8ac47.js
etag: W/"45e02d415cbc35b50c0b0f434850d212"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGiRUtYMnBDUCPmK3xbpDpu1wzuNRDAj0C5gE8enNWgh4Z11NDs6NFJtuzvUnG9Pv4smzQfzNSPO5Tc6uieLmrSeWqvZWynPt59RlNYu2R3LYOk60%2FJzhd8uqkQ%2Fcs42YnMCyQXsqo03ki%2F0zlKxtC1%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e272eb7-LAX

GET
H2 200 216-742b57e559ad281b.js Show response
www.heronfinance.com/_next/static/chunks/ 15 KB
6 KB 170ms
166ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/216-742b57e559ad281b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647c7c84a7e5001720ff13b642e6cfc49eba07efb9d30f1673b2195c0597c666

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1082639
content-disposition: inline; filename="216-742b57e559ad281b.js"
x-vercel-id: sfo1::d2zdl-1720655706539-9d9e9565d979
server: cloudflare
x-matched-path: /_next/static/chunks/216-742b57e559ad281b.js
etag: W/"8e9da2707eba04d5678f79e553e5f66e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeXLjDA12t%2FmTPhQBFLQEBf64bQ8EZYw3EydotNVEXsDjmykqoc7CTjN5kiOrr7TlKqR0G6Dw8QjY0ak8rL96t%2FAw3nPWB38a%2Bv5g%2BaTri2Ns3rg7vL0cfu7EZu%2BX8VCLklstb1Yy82610YuxHJhHDnh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e292eb7-LAX

GET
H2 200 649-99dc6c1867f86f28.js Show response
www.heronfinance.com/_next/static/chunks/ 27 KB
9 KB 172ms
168ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/649-99dc6c1867f86f28.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29995303e6f00382059fd80a9e695e390640dc16f1fec02b896ab91cd4a6e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 752585
content-disposition: inline; filename="649-99dc6c1867f86f28.js"
x-vercel-id: sfo1::dmc8f-1720985760673-4b1bee64d71d
server: cloudflare
x-matched-path: /_next/static/chunks/649-99dc6c1867f86f28.js
etag: W/"01cb5463750375daa604aa52032f23c8"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIPEXaUZABbw6M7BqLAK9VVczZR9wRW4BbsyMqn4fkCuEmX1Y%2FEP9Q53EB6F3wV85Pbd2XVVWAfHMigY08pAPyvw73Ev6QhH0J4TgTXwL6M%2BzihUuWzd1ydsg1Cf33esyegfm%2Byittbjkn4qCl0rTHhe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e2b2eb7-LAX

GET
H2 200 page-55f3d9f70a0c375f.js Show response
www.heronfinance.com/_next/static/chunks/app/(navigable)/ 171 B
574 B 168ms
165ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/app/(navigable)/page-55f3d9f70a0c375f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c72551902ae79f7b9c02a4cbad5a486f6cb46d7a6a3ce367f5765951ed8e1e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2385421
content-disposition: inline; filename="page-55f3d9f70a0c375f.js"
x-vercel-id: sfo1::xrdfm-1719352924735-f3d6832fb17a
server: cloudflare
x-matched-path: /_next/static/chunks/app/(navigable)/page-55f3d9f70a0c375f.js
etag: W/"08ef38bbe0bb67382aec8d211fe51996"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BlolPcL0%2FbNht0SlQcUvf7TdMlJ%2FKar4kLmBQ4GpFk2vBn%2FJnRAUGXQAn3fSgIqy2e%2BivzkTDKhE3Vt63xq2%2BvzLcmAhL%2Bi1iAwpZEuOK8nr7tEBKn7pkDLb%2BHWP%2BS8MRcYhrS6aQzFofG%2F5fmDFJCS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e2c2eb7-LAX

GET
H2 200 579-b44fca1b2257a3a4.js Show response
www.heronfinance.com/_next/static/chunks/ 129 KB
41 KB 171ms
168ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/579-b44fca1b2257a3a4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93fb90ee83f67cbb1eadbbe25fa8b0df6cc0f1eb2bc4cc3b25fdc033007cccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3680719
content-disposition: inline; filename="579-b44fca1b2257a3a4.js"
x-vercel-id: sfo1::tkhrf-1718057626146-ed7067d9aeb0
server: cloudflare
x-matched-path: /_next/static/chunks/579-b44fca1b2257a3a4.js
etag: W/"692b4e549bdcd296c2fa11520a69aaed"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FlA4wQcTNIHkkmvrST%2F8c24qC7dpkYY07ZY6sMQcHSeoopX2KupM%2FLUQ8HWmZfW3WwBE%2FACOi%2FcI8M%2B5pbuBBd%2FKY1jdfRuiqKSvvgZG%2BATrsf%2Bma090K8c7cQibwXWCCtIaLDgG7qBCFuOFHhPaVdTs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e2e2eb7-LAX

GET
H2 200 layout-2766523fb8d62d35.js Show response
www.heronfinance.com/_next/static/chunks/app/ 6 KB
3 KB 169ms
167ms Script
application/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/_next/static/chunks/app/layout-2766523fb8d62d35.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050daa0bcd9cbe6cf268780fafa1e9a544329b69ead3a4e6ecaee5f104025972

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421514
content-disposition: inline; filename="layout-2766523fb8d62d35.js"
x-vercel-id: sfo1::cmklx-1721316831564-99656fbc484b
server: cloudflare
x-matched-path: /_next/static/chunks/app/layout-2766523fb8d62d35.js
etag: W/"8eb1c918330cf4ed88c9aacb8710370b"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABWefw3e4g0kPkEnElJJs6vYUJOx12yWGOFC0YdNIcimQ3RJ4Yn8FxNUrhm4VHQbgqhgCgcHNxLOoNZU%2FkxV0bq62M93yV9BgVxknxBLV9bX%2B30ixeorDNZB24gR8kVgXKKxJExOTy6ispdw1p0O9QXQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb332e302eb7-LAX

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 284 KB
98 KB 386ms
138ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLX3H73D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

481d5f40293b3d9ecffaf75d9368a72c95d305cb22229a31c0b28093486187a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99666
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Jul 2024 12:39:05 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 255ms
100ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://www.heronfinance.com/
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a7bbb33fd482f7a-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 9 KB
9 KB 89ms
88ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Faxios.7f594018.png&w=384&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9175ce727248fe6bf3124acfded77eae0c5c7c0045a1f10d13a88fca5aa272b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2310773
x-vercel-imgsrc: c5e36b3a8bc2c4a08efe829c7ddb93ce
content-disposition: inline; filename="axios.webp"
content-length: 9114
last-modified: Wed, 26 Jun 2024 18:46:12 GMT
x-vercel-id: sfo1::nqqbr-1721738345633-9c08180141e5
server: cloudflare
x-matched-path: /_next/static/media/axios.7f594018.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmJF%2FCW9cij6l4rwZ2%2BusbCRmEIqPC5uHLFjFux3j9nWEDsXINmT5WmX9xAdFtjEtfqk0C8n4j%2BLXiCN4miCh3xVFvkVjb5ki3WvOgc9%2FT8l7z3UyJnASOPL%2FAChcuCp1DHDehpvE5nL09ZEPt9MEORk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb342f392eb7-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 8 KB
8 KB 93ms
92ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fbloomberg.c14da7bd.png&w=384&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f20fbbadccccaa0ecea71fd9853b4e32fabb6084771d2417ad5f56337935e248

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2310773
x-vercel-imgsrc: 8df9682278000ebc2ed148bb96ad2046
content-disposition: inline; filename="bloomberg.webp"
content-length: 7832
last-modified: Wed, 26 Jun 2024 18:46:12 GMT
x-vercel-id: sfo1::9kktd-1721738345636-600de8083356
server: cloudflare
x-matched-path: /_next/static/media/bloomberg.c14da7bd.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gc2BTMMhavLVexCsRvVu1FC6%2F8f6XVXXsqMQaCow0TcxAwN%2F5sg3Lhlv3JBaj6J2ZFpKIJDg2B7hPGqbbDefj2inaq7aYr2Zf%2BCj1k6YEFtORYHA89pDEuvnH6JKsFl8kBKviDLAJ%2BhcnvHZsuFgvTZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb342f3a2eb7-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 7 KB
8 KB 84ms
83ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fprivate-debt-investor.810e157a.png&w=384&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11ca491e85ed0a879034e8182ab5eace603101a740ccc2e60d4ab4e3a6681e27

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2310773
x-vercel-imgsrc: 8fe3f80865a4612db13be4b8b41d696f
content-disposition: inline; filename="private-debt-investor.webp"
content-length: 7134
last-modified: Wed, 26 Jun 2024 18:46:12 GMT
x-vercel-id: sfo1::jpzps-1721738345633-21b194855413
server: cloudflare
x-matched-path: /_next/static/media/private-debt-investor.810e157a.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iT1MQBwb4McTRoJst6XUWldjWcoc%2B1wJQd%2FDj6i8xLZJkGuH9X9Xzgy4Z9xBWZAj6ErJg6GiRYeIs4HOwsgUQJlqDgkrKi0CsZBQ%2FgPKn%2B63T4Y53SDtNYqQuIaFFVs5zM0vvJeG%2BkIXtqgDqxylAilB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb342f3b2eb7-LAX

GET
H2 200 image
www.heronfinance.com/_next/ 13 KB
13 KB 88ms
87ms Image
image/webp 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffinancial-advisor.ef6690b5.png&w=256&q=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbcddba02f678dc9511c84a011c8c38109a973861fd78d85f231f173e01dffd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2310773
x-vercel-imgsrc: 9a1c87207057dbbb3fa4059e72ded6a4
content-disposition: inline; filename="financial-advisor.webp"
content-length: 13282
last-modified: Wed, 26 Jun 2024 18:46:12 GMT
x-vercel-id: sfo1::jpzps-1721738345637-ae0fa5f3ea0b
server: cloudflare
x-matched-path: /_next/static/media/financial-advisor.ef6690b5.png
x-vercel-cache: HIT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWub7LZFv0mFIjBGNt%2BqLLwKKbAV2qDx4eKV4mjHaXLaEIw%2F4vhXJGsu3GAtwS1ffB5NLYWaJD3etam4reUq46Pe0PTdRdtCnwa4iarr%2FRuTQOwN2wX4b%2FpcdmrOi%2BGJ%2FYn%2F40JrX95OwBTvEpgzNzwi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 8a7bbb342f3c2eb7-LAX

GET
H2 200 returns-chart.aacf49ae.svg
www.heronfinance.com/_next/static/media/ 49 KB
13 KB 77ms
76ms Image
image/svg+xml 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heronfinance.com/_next/static/media/returns-chart.aacf49ae.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d4a7089faf5694b3d3ecb39d4d535f750b23798d0daae6e02d57922a1e669b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7570888
content-disposition: inline; filename="returns-chart.aacf49ae.svg"
x-vercel-id: sfo1::xbfvn-1714167457021-007c58abc412
server: cloudflare
x-matched-path: /_next/static/media/returns-chart.aacf49ae.svg
etag: W/"52eaf59188d8043478bbe37fd7277f45"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XVw3u0nQfBC4F%2FlrTWxsp8wSde8NUekW1B8l6kWsCvMdhT8bj%2FgJdmqPQQHYXtclkBViwrf262nMoniCd3pbdG8L8fVzU6NkijttrPitfBMu0z%2FLqaOoHmKc6Q%2B7LxbnuVYZw5OX5fsx5YHVvCpyH6h"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8a7bbb342f3e2eb7-LAX

GET
H2 200 0d4f340eb04bcaf2-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
0 1ms
1ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/_next/static/media/0d4f340eb04bcaf2-s.p.woff2
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1347d9ce51be7b9396d657e1ad1a55d205c4822572c9f8a9a1c5e6b9889a534

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="0d4f340eb04bcaf2-s.p.woff2"
content-length: 48054
x-vercel-id: sfo1::zv9gr-1714166960884-6cb45ac9364f
server: cloudflare
x-matched-path: /_next/static/media/0d4f340eb04bcaf2-s.p.woff2
etag: "27454052007e66ce9ffea75429bbcb33"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSFxEuGcrC0NuuzO9tFOKG6NugawBPyAF3ddaK1PsYG1c29fKgsmK7XZ0f1Qwvp7gxz1JiDpwCSzPYev%2BmPT97Gxqu4uxyjt6RHX73xOkXr2em7BmvEGroFdggBTJ5Lcg8jeSg1U9krPU0xrkiB%2FZqPc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdb92eb7-LAX

GET
H2 200 2ef437677851b4e5-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
0 1ms
1ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/_next/static/media/2ef437677851b4e5-s.p.woff2
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c28f84d700d4fff8a6b60f531fc0404ff07337a9860fbb267d277658430bfb

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687699
content-disposition: inline; filename="2ef437677851b4e5-s.p.woff2"
content-length: 48445
x-vercel-id: sfo1::8s4lh-1720050646469-a7884c433b09
server: cloudflare
x-matched-path: /_next/static/media/2ef437677851b4e5-s.p.woff2
etag: "738937703493b0a3a317475099129245"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrJLYAkzyiLRLN81NTI9eguzD8oE4V7EDgPDILjuqVdhR3eKdjcPPIZi7qml0YBilObjwqllHND%2B8fCQQMAx4RHWXqPQ5qDrgNp6qKmQB2eKOThlhDB90EP%2FhDjQRSG%2FBb%2FdSTR5cyN30Y2rgC%2BESIaF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdba2eb7-LAX

GET
H2 200 413845fc27dec603-s.p.woff2
www.heronfinance.com/_next/static/media/ 44 KB
0 2ms
1ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/_next/static/media/413845fc27dec603-s.p.woff2
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ecf11dbbb6026fc363228c30df6822ba248c67782250b4b50a48823e6e8d75f

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="413845fc27dec603-s.p.woff2"
content-length: 44620
x-vercel-id: sfo1::9sszb-1714166960895-022a2f1fd262
server: cloudflare
x-matched-path: /_next/static/media/413845fc27dec603-s.p.woff2
etag: "866dd488d2ea0f9efc163dda970ab176"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7Th9Q5AVmEp0608unakn9UfGgmW98cQUqwb8cCf0vvE8GTjxMNf6o%2BpkEcwxRne6EaG%2Bt%2BI00PWfMFbZv1yuchlXVoti6sbt9AtJzRofLMeFS%2BIPHYPP0Xwj7Jkq6UuqsFnoLrsSQcY26BxsoC%2BmaZf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdbd2eb7-LAX

GET
H2 200 4e28792240cfb706-s.p.woff2
www.heronfinance.com/_next/static/media/ 45 KB
0 2ms
2ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/_next/static/media/4e28792240cfb706-s.p.woff2
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748e2353ab2ae772a2c6515b5277598872db141dab94c0a0a9baa0a94b3fb7d4

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="4e28792240cfb706-s.p.woff2"
content-length: 46031
x-vercel-id: sfo1::nllnl-1714166960894-1411ed76b2fa
server: cloudflare
x-matched-path: /_next/static/media/4e28792240cfb706-s.p.woff2
etag: "4a2a7f5697143c7051473a3083b8f466"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCRqvF%2F750ijhwRFCPKBhO4NEKT1Y64cloSn1buEKd15hErZAKo8G4aTi2kHL9WM63YfDEuOEiF%2BxCiN36Z7fm3v1aOM4amB6UMVPfjMMYpC1O57Zc502P%2BTTxKUEgvS3%2B8ciRgfen4XJzztPE8kysfm"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc02eb7-LAX

GET
H2 200 a2e43d7f816f4e09-s.p.woff2
www.heronfinance.com/_next/static/media/ 47 KB
0 2ms
1ms Font
font/woff2 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/_next/static/media/a2e43d7f816f4e09-s.p.woff2
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/1dd3208c-cd5a8946e72cbe92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd362131b4f6270404e2a90a6d710b86e888de0b2a79094fcb7c16a66e51f130

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Origin: https://www.heronfinance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7571385
content-disposition: inline; filename="a2e43d7f816f4e09-s.p.woff2"
content-length: 47878
x-vercel-id: sfo1::sx9wx-1714166960894-1cbb1854b171
server: cloudflare
x-matched-path: /_next/static/media/a2e43d7f816f4e09-s.p.woff2
etag: "7d3dc0df1e15efc86cae83b7e6ad0a28"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRekZr1K6%2BYQYCnPqGHsn29nUQ26YfFhyRimO57aoCvR41JQ8S4Z30Ec4RKtZnzXgGncHzW3jN%2BlrrSkufh9kahZc6wWbTqsI3R4aJCECLaDX3HycFhwis%2Fr6z97BzrStA1%2FmhJBL2kYSZvIRxHkTFzG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a7bbb32cdc12eb7-LAX

POST
H2

200

decide Show response
www.heronfinance.com/api/ingest/
Redirect Chain

https://www.heronfinance.com/api/ingest/decide/?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64
https://www.heronfinance.com/api/ingest/decide?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64

985 B
865 B

200ms
198ms

XHR
application/json

2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/decide?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64

Protocol

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eb2f41394a994494ad128de4dc3f359f84b04a300cd100a35809703460b7d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
x-envoy-upstream-service-time: 32
referrer-policy: same-origin
x-vercel-id: sfo1::jpzps-1721738345875-64a1064bdd88
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heronfinance.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIhiZACfJThvMT554rUQMpO2Kla20nHGBn3KoIV30eDdAcYULqedT8YUg15EKrdqSjb815Qm%2FKZNFcW3nMfv5TEWvQe2w3LNTfPfisp70338DFQnw8dNU6KQTQ9Ix8XkBcNxK1dbyehrFG78jcj%2FpIY6"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8a7bbb35a8dc2eb7-LAX
access-control-allow-headers: X-Requested-With,Content-Type

Redirect headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: sfo1::m6x5s-1721738345785-cebcc034d28c
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZnOIcLTJd7EL7%2Bxr0waFeFz7zkpVUr8xgztmNFFSomBcmJQtb1gfxXoqBXD0wSoapsIOL1NBlT0gHFz%2BuAxqz%2FNFvuWoqWnrO%2BHsMsvTL2aR7h%2B2pVHXn5dSLWFvlLYU5wjbgAPFR8u%2FhNmCMNEEgQ4"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
location: /api/ingest/decide?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/ingest/decide?v=3&ip=1&_=1721738345734&ver=1.130.1&compression=base64
cf-ray: 8a7bbb3508342eb7-LAX

POST
H2

200

e Show response
www.heronfinance.com/api/ingest/
Redirect Chain

https://www.heronfinance.com/api/ingest/e/?ip=1&_=1721738345758&ver=1.130.1&compression=base64
https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738345758&ver=1.130.1&compression=base64

13 B
691 B

183ms
181ms

XHR
application/json

2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738345758&ver=1.130.1&compression=base64

Protocol

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
x-envoy-upstream-service-time: 7
referrer-policy: same-origin
x-vercel-id: sfo1::v4242-1721738345888-f229b19b6267
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heronfinance.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81jXKFluFcjVGy9Qa849UxhoLSblnlMsDBQ1U9ILQ3sSnOxoNghZVp0CODBlh90HBT6axLZ1LJf868Ec12QFP63C6zhCJ3RvHNy9fc5%2FcQhsn3%2FcoR5KbPD8MzIEf7Q76yF69g3vzO%2B0Pf5yqD1KkBkX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8a7bbb35b8e62eb7-LAX
access-control-allow-headers: X-Requested-With,Content-Type

Redirect headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: sfo1::m6x5s-1721738345801-e0002b1e7e57
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEJnYZY3jGCrypCE9B4e5%2Frbug61t%2BKpTDnWOho8RzldyRuYFhacdjqdLpvfinmf%2BMc1KDJHwtLldWROiVzdgKjGjzgHSsD9400Z0U5rKdAr3WXuu7QE8ElYcjVG4S2di9mpnP%2FZdMsMjsUj%2BoZOxmhv"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
location: /api/ingest/e?ip=1&_=1721738345758&ver=1.130.1&compression=base64
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/ingest/e?ip=1&_=1721738345758&ver=1.130.1&compression=base64
cf-ray: 8a7bbb35285a2eb7-LAX

GET
H2 200 bbsre0qc Show response
widget.intercom.io/widget/ 7 KB
3 KB 442ms
155ms Script
application/javascript 13.249.190.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/bbsre0qc
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/app/layout-2766523fb8d62d35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.190.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-190-85.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5163ee3d253502f72a8cceaedefcb13b9a9f7e89d3647d5ef19fee472ee4163d

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _yOQsbaDLwppP3_y2IkSTkkFDFVGNhrd
content-encoding: gzip
via: 1.1 06f6a7dfc3fba0a483f31f7c59a39602.cloudfront.net (CloudFront)
date: Tue, 23 Jul 2024 12:34:41 GMT
x-amz-cf-pop: BOS50-C2
age: 279
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2670
last-modified: Tue, 23 Jul 2024 11:29:22 GMT
server: AmazonS3
etag: "cf970708e16090e4fe6bcde630d736ef"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: 822fzKux_mRPX9mTGTnszF2Q2g84s_9MVmuLebmpI75BGPg4urxB2g==

POST
H2 204 rum Show response
www.heronfinance.com/cdn-cgi/ 0
217 B 68ms
66ms XHR
text/plain 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.heronfinance.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a7bbb35386e2eb7-LAX

GET
H2 200 favicon.png
www.heronfinance.com/assets/favicon/ 5 KB
5 KB 137ms
136ms Other
image/png 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/assets/favicon/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

197f0b4689fdeda9ac2f895fa65c5abc54162c5f7653f83a413fd01a7a88cee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="favicon.png"
content-length: 5116
x-vercel-id: sfo1::6fg6n-1714166962242-3a7faef30598
server: cloudflare
x-matched-path: /assets/favicon/favicon.png
etag: "1cc4934e25d93edda423efc10054f63e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gs5hFK6oQAsErYEvISWdl6pD3KNexe%2BtyFYZX%2FTFgf%2BcYWhmvlOLd5G%2BlJISr6jU6omuZsn9dXF2LB0pbt%2BUDSIbfkc8a86nxCBnUpqE6TMijwloyY%2FqiBa81gT4BTaoUwzyBDbBMGTrsFRXKR3rdfm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a7bbb3548842eb7-LAX

GET
H2 200 how-it-works
www.heronfinance.com/ 139 B
0 184ms
183ms Fetch
text/x-component 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/how-it-works?_rsc=uk14z

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/286-8a2a2615f3db111d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(navigable)%22%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22transaction_id%5C%22%3A%5C%221021a6e0aa5f2e8f70ebb084c8a084%5C%22%2C%5C%22utm_source%5C%22%3A%5C%22wellput%5C%22%2C%5C%22utm_medium%5C%22%3A%5C%22email%5C%22%2C%5C%22utm_campaign%5C%22%3A%5C%22International%20Intrigue%5C%22%2C%5C%22utm_content%5C%22%3A%5C%22v2-r4181-p130980-c1318%5C%22%7D%22%2C%7B%7D%2C%22%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318%22%2C%22refresh%22%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Next-Url: /
RSC: 1

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: Next.js
x-vercel-id: sfo1::iad1::jgf2x-1721738345874-21b1e627dc48
server: cloudflare
x-matched-path: /how-it-works.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/x-component
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84QHwJWpspRUeQREKQ0TAAReGNgv6BRc5nANto4T3DImB3%2FFDUPvy6%2Bfo71FdxVs%2BEjj1PWCRoUqZ6wK%2F9TrIPnNARJmnXq8OLLxFHm%2B8QqOUMnQXOTAmLj3Rc3CsWcmB2m4RQkUUna80uOHYctooxhM"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8a7bbb35a8d82eb7-LAX

GET
H2 200 curated-investments Show response
www.heronfinance.com/ 153 B
635 B 173ms
172ms Fetch
text/x-component 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/curated-investments?_rsc=uk14z

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/286-8a2a2615f3db111d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

670c273aa2e8a44af44aa484a96d2f06f2539e20a0f2fb75ddb8f2696c800bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(navigable)%22%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22transaction_id%5C%22%3A%5C%221021a6e0aa5f2e8f70ebb084c8a084%5C%22%2C%5C%22utm_source%5C%22%3A%5C%22wellput%5C%22%2C%5C%22utm_medium%5C%22%3A%5C%22email%5C%22%2C%5C%22utm_campaign%5C%22%3A%5C%22International%20Intrigue%5C%22%2C%5C%22utm_content%5C%22%3A%5C%22v2-r4181-p130980-c1318%5C%22%7D%22%2C%7B%7D%2C%22%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318%22%2C%22refresh%22%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Next-Url: /
RSC: 1

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: Next.js
x-vercel-id: sfo1::iad1::9kktd-1721738345875-70b07b5ce408
server: cloudflare
x-matched-path: /curated-investments.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/x-component
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qIhv%2BN8LzzPgOm3hBeuzHMHA9OlVP3ALB5mTq431b7Cb2N4x8BimfSXdtTWQyE7OS47Q4HOUArD1GWWLApwqiYjfQp4w5S3UnCRK9RgSgBFktIP9TcAlmWYk70X%2FzdI5c5%2BZUB%2BxhZ98KCQBRZegEx3"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8a7bbb35a8d92eb7-LAX

GET
H2 200 about Show response
www.heronfinance.com/ 125 B
460 B 173ms
173ms Fetch
text/x-component 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/about?_rsc=uk14z

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/286-8a2a2615f3db111d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

d84b0cd58c28f397d22a761dc27da208bda69da945c20b99a01f15c8489c9f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(navigable)%22%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22transaction_id%5C%22%3A%5C%221021a6e0aa5f2e8f70ebb084c8a084%5C%22%2C%5C%22utm_source%5C%22%3A%5C%22wellput%5C%22%2C%5C%22utm_medium%5C%22%3A%5C%22email%5C%22%2C%5C%22utm_campaign%5C%22%3A%5C%22International%20Intrigue%5C%22%2C%5C%22utm_content%5C%22%3A%5C%22v2-r4181-p130980-c1318%5C%22%7D%22%2C%7B%7D%2C%22%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318%22%2C%22refresh%22%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Next-Url: /
RSC: 1

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: Next.js
x-vercel-id: sfo1::iad1::nqqbr-1721738345875-7eade0ae09af
server: cloudflare
x-matched-path: /about.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/x-component
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joMCjsElMuXT1%2F%2F78oU0nS%2Bsy0GYvAA5%2Fw91uF%2B3gWZXWyp7vkVbffcO%2Ba%2FbHduXz2lmDmilC6yRnIPm79jdtZP1KFMl12yuU3WypVbyIgQH3YruLEfpnyQeG4DUOgmFS8Yl909Erf2Q4mTVeuQrhX9W"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8a7bbb35a8da2eb7-LAX

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 371ms
119ms Script
application/javascript 2600:1408:ec00:1e::1735:23ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:1e::1735:23ea Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=83321
accept-ranges: bytes
content-length: 14011

GET
H/1.1

200
OK

pix3l.f8c44e08eaaef89dcc68.production.js Show response
v1.slise.xyz/scripts/
Redirect Chain

https://v1.slise.xyz/scripts/pix3l.js
https://v1.slise.xyz/scripts/pix3l.f8c44e08eaaef89dcc68.production.js

8 KB
9 KB

116ms
116ms

Script
text/plain

13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/scripts/pix3l.f8c44e08eaaef89dcc68.production.js
Protocol: HTTP/1.1
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 62f85d49567a9094a5a509b7b52649ea5c7985854c9e42352cab9b2ae6b48169

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 12:39:06 GMT
Last-Modified: Mon, 03 Jun 2024 15:03:37 GMT
Server: nginx/1.23.3
ETag: "665ddb49-219d"
Content-Type: text/plain
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8605

Redirect headers

Location: https://v1.slise.xyz/scripts/pix3l.f8c44e08eaaef89dcc68.production.js
Date: Tue, 23 Jul 2024 12:39:06 GMT
Server: nginx/1.23.3
Connection: keep-alive
Content-Length: 171
Content-Type: text/html

GET
H2 200 favicon.png
www.heronfinance.com/assets/favicon/ 5 KB
0 0ms
0ms Other
image/png 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heronfinance.com/assets/favicon/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197f0b4689fdeda9ac2f895fa65c5abc54162c5f7653f83a413fd01a7a88cee6

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="favicon.png"
content-length: 5116
x-vercel-id: sfo1::6fg6n-1714166962242-3a7faef30598
server: cloudflare
x-matched-path: /assets/favicon/favicon.png
etag: "1cc4934e25d93edda423efc10054f63e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gs5hFK6oQAsErYEvISWdl6pD3KNexe%2BtyFYZX%2FTFgf%2BcYWhmvlOLd5G%2BlJISr6jU6omuZsn9dXF2LB0pbt%2BUDSIbfkc8a86nxCBnUpqE6TMijwloyY%2FqiBa81gT4BTaoUwzyBDbBMGTrsFRXKR3rdfm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a7bbb3548842eb7-LAX

GET
H2 200 recorder.js Show response
www.heronfinance.com/api/ingest/static/ 106 KB
38 KB 72ms
71ms Script
text/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/579-b44fca1b2257a3a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f18a909efabf1ff789f032cdd4a6d6d1dde2c35bceeec68577327978b326600c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7280512
x-envoy-upstream-service-time: 5
referrer-policy: same-origin
last-modified: Mon, 29 Apr 2024 23:50:30 GMT
x-vercel-id: sfo1::77gm9-1714457834322-7a60baa0531a
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Cookie, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KiPD0UNjQL1hQ2zhvh2xyI4lmUd8Qokvx%2FClUi6R8NevFWsxYHrExelXIXxbUDBNHbExfrfhKLm%2B17J8I82BS5RcYlcZraXYwvMdJYJTqkgJquaU3NyWdzC6mN1F7qr0LGS36eV%2B90LhqwB4cmQVhHnp"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8a7bbb36ea6b2eb7-LAX

GET
H2 200 surveys.js Show response
www.heronfinance.com/api/ingest/static/ 63 KB
21 KB 220ms
220ms Script
text/javascript 2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/static/surveys.js

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/_next/static/chunks/579-b44fca1b2257a3a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166c3427559c8ace2fe70a7b17de2eedcd58b64902924d65345f949ee0794288

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 26
referrer-policy: same-origin
last-modified: Tue, 23 Jul 2024 12:01:18 GMT
x-vercel-id: sfo1::dgxq5-1721737755200-a4b9ee07c9ed
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Cookie, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPrGnt5gJBvsCAsmlpoCCx9lxgGpHqT%2FEB0OGZDfP%2BYYMverNjIvGIC4JeYcfs3GBOr07NkZflBq132CVj%2B7ccYcLeOvqYXgdTd1iQHKIDkpO5GVa55tTQSYZLxJqaG1x2NjoC2qQeuIKrtrZU2v1IvN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8a7bbb36ea6e2eb7-LAX

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
104 KB 141ms
140ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TP5TNJ3T8W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLX3H73D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b396cd407fcbd620ae7571c359bc1f8392059d38802309f41a16ce940f5952bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 12:39:06 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 672ms
500ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLX3H73D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 364ms
121ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 12:39:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: g/AONZ/ml0zSmGZhjX5noJb0k3+J2NJq/3v62MZRVjZbMEq6cBG4wwLA+IaI4kPJUi7bCiWAEHQJaG0DmX5jBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 A5399656-f111-4224-88f6-c5b90bf2c7791.js Show response
utt.impactcdn.com/ 37 KB
15 KB 269ms
114ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A5399656-f111-4224-88f6-c5b90bf2c7791.js
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 16362a89161aa8679c73802113c93a7972f3e550a1ea163ee2974090b90130f1

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ACJd0NpXg7IEprDcy0ef8F-WWrMwFUwIWP8VGGHFnXTs7qSSgKbHWSxf7SamLiYFZR-mJNmNnMg9iuaum7qt97g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15330
last-modified: Tue, 30 Apr 2024 19:25:43 GMT
server: UploadServer
etag: "b694918b3a5b42fed314d5733affb9e5"
vary: Accept-Encoding
x-goog-generation: 1714505143151777
x-goog-hash: crc32c=p/ElPw==, md5=tpSRizpbQv7TFNVzOv+55Q==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15330
accept-ranges: bytes
expires: Tue, 23 Jul 2024 12:44:06 GMT

GET
H2 200 frame-modern.51972aa2.js Show response
js.intercomcdn.com/ Frame C002 459 KB
139 KB 744ms
453ms Script
application/javascript 18.161.34.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.51972aa2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bbsre0qc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.34.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-34-8.bos50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7592b226a968b432f0fa7a2c4e9bb4bcbc3850d37340ff4e284d98af1f4eed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 11:29:26 GMT
content-encoding: gzip
via: 1.1 d0daabb98cd0fc162d7c43638940fc12.cloudfront.net (CloudFront)
x-amz-version-id: y2PpZeY_5R.ZZzrtxD30axJGTIyZz8F.
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOS50-P2
age: 4181
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 141136
last-modified: Tue, 23 Jul 2024 11:26:23 GMT
server: AmazonS3
etag: "ad75396f4e56c5c00945e5fb9d6a7270"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 8ZyQhsjaoeH9cmBOOq8YyLdgc1v8g01z2yod-pye4H7MVSbUQPajsQ==

GET
H2 200 vendor-modern.bc52aebd.js Show response
js.intercomcdn.com/ Frame C002 455 KB
145 KB 438ms
147ms Script
application/javascript 18.161.34.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.bc52aebd.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bbsre0qc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.34.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-34-8.bos50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mK5qJI0obUp4mULwFW6rmHKSdjbq_5Dz
content-encoding: gzip
via: 1.1 d0daabb98cd0fc162d7c43638940fc12.cloudfront.net (CloudFront)
date: Tue, 23 Jul 2024 11:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOS50-P2
age: 2589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 147287
last-modified: Mon, 22 Jul 2024 18:44:31 GMT
server: AmazonS3
etag: "045ab66ea0acdc79774f2aae33a45b67"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: V9CX0LdeR0LY-D8ZiBWEnZ2xlJoWnzmZ-BLlg0Qeagg7PEC_6HlwQg==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
979 B 308ms
180ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYd6XKIoKIj7622M+xMHw==
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 25204BA5593C4432AE6F2900A847346A Ref B: LAX311000114049 Ref C: 2024-07-23T12:39:06Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00061de97288a0a223efadb633ec4c1f

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26ut...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26u...

0
166 B

264ms
263ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318&e_ipv6=AQLv0VMaMBAbGAAAAZDfmj9CTVg8kYfm3cvZeafPV64FPtUmIZF1DNr7emTuacaZ6fdtYQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AF9C9930B9514BB79D3EBF9490434B81 Ref B: LAX311000115019 Ref C: 2024-07-23T12:39:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYd6XKLERgImDnasLsSHQ==

Redirect headers

date: Tue, 23 Jul 2024 12:39:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 911528A69D824B55AABA64284C7677A9 Ref B: LAX311000110029 Ref C: 2024-07-23T12:39:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5869618&time=1721738346234&url=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318&e_ipv6=AQLv0VMaMBAbGAAAAZDfmj9CTVg8kYfm3cvZeafPV64FPtUmIZF1DNr7emTuacaZ6fdtYQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYd6XKG/RN2HATo3w2UXQ==

GET
H2

200

surveys Show response
www.heronfinance.com/api/ingest/api/
Redirect Chain

https://www.heronfinance.com/api/ingest/api/surveys/?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1
https://www.heronfinance.com/api/ingest/api/surveys?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1

15 B
520 B

204ms
203ms

XHR
application/json

2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/api/surveys?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1

Protocol

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0215eabc84d0abf65e91810ea80b0cc94f3502d8fcc59846bd7ea450fe7d6d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Tue, 23 Jul 2024 12:39:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 19
content-length: 15
referrer-policy: same-origin
x-vercel-id: sfo1::4cfhh-1721738346404-be7563cb19a4
cross-origin-opener-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kXWFmOE4BngQfz%2BTz3Y7yB56PL8jmWZ2SBbe5YGZwCMPHDnp%2FWv47CfvP5cTIe62%2FCVimSwkpm11dU2HM9jcyAXgsj%2BL5LNq%2BkAPmUCeRUX5ALvP1Ml5rdflHzDwgYhajJ%2BlcIx1vdHqpKjxnXl828d"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 8a7bbb38fcde2eb7-LAX

Redirect headers

date: Tue, 23 Jul 2024 12:39:06 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: sfo1::4cfhh-1721738346309-1ed6387c2160
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SG4k4czicfpi6DcYcMcSLYiMpJjE9rFw1LcQZ1%2B%2B7nwPZuybQ1tW4pJS5VPkRH0KYd0BS8HmpPPq3wpEQ9mv6KMqfPnRaLJiURA9dj9u%2Fy6zSk5xzNoYN85euN8DFrepAETYM0LtzA0Dk7hpWLGturq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
location: /api/ingest/api/surveys?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/ingest/api/surveys?token=phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi&ip=1&_=1721738346265&ver=1.130.1
cf-ray: 8a7bbb385c122eb7-LAX

POST
H2 204 collect Show response
www.google-analytics.com/g/ 0
258 B 369ms
123ms Fetch
text/plain 2607:f8b0:400d:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TP5TNJ3T8W&gtm=45je47h0v9172249652z89172470156za200zb9172470156&_p=1721738345794&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=196505938.1721738346&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721738346&sct=1&seg=0&dl=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318&dt=Heron%20Finance&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2395&_z=fetch
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c07::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 12:39:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heronfinance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK track Show response
v1.slise.xyz/ 102 B
541 B 156ms
154ms Fetch
application/json 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/track
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash: 2c32f3c538c412c3eed9009f19a50b654205ac3ec72e6d797e8a8380eabc8abb

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Jul 2024 12:39:06 GMT
Server: nginx/1.23.3
X-Powered-By: Express
ETag: W/"66-kercAhKZ+FrN9Bjb3nCuIjBCbvc"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.heronfinance.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

OPTIONS
H/1.1 204
No Content track
v1.slise.xyz/ Frame 0
0 346ms
115ms Preflight 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/track
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heronfinance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.heronfinance.com
Connection: keep-alive
Content-Length: 0
Date: Tue, 23 Jul 2024 12:39:06 GMT
Server: nginx/1.23.3
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 143ms
142ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BB046BBBA5D14AD7BB09EB9ED290D917 Ref B: LAX311000110029 Ref C: 2024-07-23T12:39:06Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.heronfinance.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYd6XKNaLQFibADXj7rzA==

GET
H2 200 923176472713452 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 179ms
178ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/923176472713452?v=2.9.162&r=stable&domain=www.heronfinance.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49ea420fea73651c2d65d95346bb1bee41dc1c45bccb496cd1f35d1869fd1a30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 12:39:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=64, mss=1297, tbw=64155, tp=-1, tpl=-1, uplat=58, ullat=0
pragma: public
x-fb-debug: 7NlBWdni8vKEBqWxc5oPtyvaIXWtzpMFt8sqo42pL+wqhQCu9a+qjX6t1FUJs0JUs1GNDno12RZjCCT77sibBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_f7wv4wkz58tt/ 3 B
124 B 254ms
120ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_f7wv4wkz58tt/config
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 a2_f7wv4wkz58tt_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 855ms
727ms XHR
application/json 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_f7wv4wkz58tt_telemetry
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:07 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 203ms
69ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1721738346760&id=a2_f7wv4wkz58tt&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=191a2bfb-cbde-468a-991d-1d2debc4cc66&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:06 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H/1.1 200
OK tpe Show response
v1.slise.xyz/analytics/ 2 B
340 B 117ms
116ms Fetch
text/html 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/analytics/tpe
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Jul 2024 12:39:07 GMT
Server: nginx/1.23.3
X-Powered-By: Express
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
Vary: Origin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.heronfinance.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

OPTIONS
H/1.1 204
No Content tpe
v1.slise.xyz/analytics/ Frame 0
0 115ms
115ms Preflight 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/analytics/tpe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heronfinance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.heronfinance.com
Connection: keep-alive
Content-Length: 0
Date: Tue, 23 Jul 2024 12:39:06 GMT
Server: nginx/1.23.3
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST
H/1.1 200
OK tpe Show response
v1.slise.xyz/analytics/ 2 B
340 B 119ms
115ms Fetch
text/html 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/analytics/tpe
Requested by: Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Jul 2024 12:39:07 GMT
Server: nginx/1.23.3
X-Powered-By: Express
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
Vary: Origin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.heronfinance.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

OPTIONS
H/1.1 204
No Content tpe
v1.slise.xyz/analytics/ Frame 0
0 233ms
115ms Preflight 13.58.10.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.slise.xyz/analytics/tpe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.58.10.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-10-93.us-east-2.compute.amazonaws.com
Software: nginx/1.23.3 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heronfinance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.heronfinance.com
Connection: keep-alive
Content-Length: 0
Date: Tue, 23 Jul 2024 12:39:07 GMT
Server: nginx/1.23.3
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 367ms
121ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=923176472713452&ev=PageView&dl=https%3A%2F%2Fwww.heronfinance.com&rl=&if=false&ts=1721738346961&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721738346957.911160460760412603&pm=1&hrl=926dc4&ler=empty&cdl=API_unavailable&it=1721738346744&coo=false&cs_cc=1&cas=7304828712929046%2C6358840550885071&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 23 Jul 2024 12:39:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 439ms
193ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=923176472713452&ev=PageView&dl=https%3A%2F%2Fwww.heronfinance.com&rl=&if=false&ts=1721738346961&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721738346957.911160460760412603&pm=1&hrl=926dc4&ler=empty&cdl=API_unavailable&it=1721738346744&coo=false&cs_cc=1&cas=7304828712929046%2C6358840550885071&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heronfinance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 23 Jul 2024 12:39:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394809894557858214", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=10, mss=1297, tbw=3087, tp=-1, tpl=-1, uplat=71, ullat=0
pragma: no-cache
x-fb-debug: 0NnGRZJdTyHosdiqPBJ4bht3AW9dxLqs3oVQLpsOwpta1lWV/q9n+cFqU2q7LDNXMrGmdPgSQHcNKvlmepsBkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394809894557858214"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame C002 4 KB
2 KB 685ms
417ms XHR
application/json 54.210.212.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: www.heronfinance.com
URL: https://www.heronfinance.com/api/ingest/static/recorder.js?v=1.130.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.210.212.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-212-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

885d8131082b1566c60913b7a3bbd474372d86caa0c83b946281ec11a88107aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jul 2024 12:39:07 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0a2ae833f3889e22c
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0000j7o3ammjv0532030
x-runtime: 0.294454
server: nginx
etag: W/"885d8131082b1566c60913b7a3bbd474"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heronfinance.com
x-intercom-version: d0939b08cfe1edfa6ad111cd77e67f3868b9f2d0
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2

200

e Show response
www.heronfinance.com/api/ingest/
Redirect Chain

https://www.heronfinance.com/api/ingest/e/?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js
https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js

13 B
513 B

182ms
180ms

XHR
application/json

2606:4700:20::681a:5a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heronfinance.com/api/ingest/e?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js

Protocol

Server

2606:4700:20::681a:5a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heronfinance.com/?transaction_id=1021a6e0aa5f2e8f70ebb084c8a084&utm_source=wellput&utm_medium=email&utm_campaign=International+Intrigue&utm_content=v2-r4181-p130980-c1318
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
x-envoy-upstream-service-time: 8
referrer-policy: same-origin
x-vercel-id: sfo1::9kktd-1721738348862-d6fec4c02630
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heronfinance.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXF4HVC%2BH7VSee5XXRLl8TY5JjQ5%2F88iYme1eHb0OXh7mAlWpBOhYbGfKDxfpDlX5yqANz%2BXBA6T3bk%2BrVf4up%2BTfS44ZjUhCs0a5WZk0H9QUyOmydaGh3FHH3OE2o3ZCqzbiwJI9ONKBWbdMxp2Hvr0"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8a7bbb485dc22eb7-LAX
access-control-allow-headers: X-Requested-With,Content-Type

Redirect headers

date: Tue, 23 Jul 2024 12:39:08 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: sfo1::v4242-1721738348781-32fde477736d
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OF%2FMkE10yC7uRD%2F4bY%2FNM0l%2F%2Bp1lWGXf5msJ6p2KPoXkh9nLI7sXjDukIpCwEQfLlEhL2NqOpE4V%2BJmbpoxTicrKqUNmLoZRXOFMfPTE%2Bx2zUkev5Nj6qS0KP4JImbD2%2BaBDf5Llw72VP77twCXYdJ3p"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
location: /api/ingest/e?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/ingest/e?ip=1&_=1721738348734&ver=1.130.1&compression=gzip-js
cf-ray: 8a7bbb47cd4b2eb7-LAX

POST collect
www.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TP5TNJ3T8W&gtm=45je47h0v9172249652z89172470156za200zb9172470156&_p=1721738345794&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=196505938.1721738346&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721738346&sct=1&seg=0&dl=https%3A%2F%2Fwww.heronfinance.com%2F%3Ftransaction_id%3D1021a6e0aa5f2e8f70ebb084c8a084%26utm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3DInternational%2BIntrigue%26utm_content%3Dv2-r4181-p130980-c1318&dt=Heron%20Finance&en=Page%20View&_et=4&tfd=7405&_z=fetch

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clkmg.com/	1970-01-21 07:01:14	Name: vid Value: 1051455847
wellput.go2cloud.org/	1970-01-20 23:00:16	Name: enc_aff_session_143 Value: ENC037fa8d2d8d63dbad9cfa480e480d13bfcfbfccafd388e079237f89809f8bd9c7b6abb4b8df5cc6a49d3b411d34eafa9227bbf44b13066dc1388e1e26d61eee7bcc0bfde4fe2e6e59ff5a6f6d7d2ecb1376a9281c67e594069912f3b8e730e0b22e6deaa84bccc80d865b5bd940e74329ca5bd5666435cd3a9bae577dac8558d8a782836195c34eb9b48d0fd6c3d31b635ba9a0cb2c10799c46598178951d26d7e0bab5990
wellput.go2cloud.org/	1970-01-21 07:51:38	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.linkedin.com/	1970-01-21 00:25:14	Name: li_sugr Value: e2171c61-f441-4c02-97b0-08dd67a51457
.linkedin.com/	1970-01-21 07:01:14	Name: bcookie Value: "v=2&b8430f3f-208e-4956-8e3e-0edcf8a010af"
.linkedin.com/	1970-01-20 22:17:04	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=3049:u=1:x=1:i=1721738345:t=1721824745:v=2:sig=AQHP5ZVgPuKvt9Bd7Y-00IQ-DybxIaTY"
.linkedin.com/	1970-01-20 22:58:50	Name: UserMatchHistory Value: AQIaVb9YCa1hnAAAAZDfmj1zgjA5Dm0LlCK0aS_loQHBMbM1rZ7P6-BnYfMmAPODpGJ-WyJxOiDjEQ
.linkedin.com/	1970-01-20 22:58:50	Name: AnalyticsSyncHistory Value: AQJj6WC9NFJ27wAAAZDfmj1zFWERKYetHCPDsnINSpXmUtnXqsxungnUMJZeq7V13__2MEQ99aPUn_OfULj8Mw
.www.linkedin.com/	1970-01-21 07:01:14	Name: bscookie Value: "v=1&2024072312390508564941-50c1-48c4-896a-9012bdb3be78AQHawCR1wDOhmb1jq8b31LuqcuDtfWnQ"
.heronfinance.com/	1970-01-21 00:25:14	Name: _gcl_au Value: 1.1.51679070.1721738346
.heronfinance.com/	1970-01-21 07:01:14	Name: impact_custom_profile_id Value: 12e9b806-c32e-418b-a79f-9a74b5b5cec6
.heronfinance.com/	1970-01-21 07:01:14	Name: ph_phc_STWNXX6UmGrvlJBznC84gZwoHpqLzMekm4IgDxPsnUi_posthog Value: %7B%22distinct_id%22%3A%22d6be3010-fc6b-43d5-a0c2-147f0afe6a9e%22%2C%22%24sesid%22%3A%5B1721738346237%2C%220190df9a-3d1c-7b4c-aee8-a1d48dc15986%22%2C1721738345756%5D%7D
.heronfinance.com/	1970-01-21 07:51:38	Name: _ga Value: GA1.1.196505938.1721738346
.heronfinance.com/	1970-01-21 07:51:38	Name: _ga_TP5TNJ3T8W Value: GS1.1.1721738346.1.0.1721738346.0.0.0
.heronfinance.com/	1969-12-31 23:59:59	Name: IR_gbd Value: heronfinance.com
.heronfinance.com/	1969-12-31 23:59:59	Name: IR_24750 Value: 1721738346380%7C0%7C1721738346380%7C%7C
.heronfinance.com/	1970-01-21 00:25:14	Name: _rdt_uuid Value: 1721738346758.191a2bfb-cbde-468a-991d-1d2debc4cc66
v1.slise.xyz/	1969-12-31 23:59:59	Name: client_id Value: 55f67a6b-264d-4924-b147-a3cf59aec2c1
.heronfinance.com/	1970-01-21 00:25:14	Name: _fbp Value: fb.1.1721738346957.911160460760412603
.heronfinance.com/	1970-01-21 04:44:28	Name: intercom-id-bbsre0qc Value: db0728eb-df8c-42d8-9d5c-a7d9daa25c7e
.heronfinance.com/	1970-01-20 22:25:43	Name: intercom-session-bbsre0qc Value:
.heronfinance.com/	1970-01-21 04:44:28	Name: intercom-device-id-bbsre0qc Value: 8ef0f322-f5e8-4520-b389-c93690b72a38

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api-iam.intercom.io
connect.facebook.net
js.intercomcdn.com
pixel-config.reddit.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.cloudflareinsights.com
utt.impactcdn.com
v1.slise.xyz
wellput.go2cloud.org
widget.intercom.io
www.clkmg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.heronfinance.com
www.linkedin.com
www.redditstatic.com
www.google-analytics.com
13.107.42.14
13.249.190.85
13.58.10.93
151.101.1.140
151.101.129.140
18.161.34.8
2600:1408:ec00:1e::1735:23ea
2606:4700:20::681a:5a7
2606:4700::6810:4f49
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::8a
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42::396
34.198.147.111
35.186.249.72
44.236.11.165
54.210.212.221
0215eabc84d0abf65e91810ea80b0cc94f3502d8fcc59846bd7ea450fe7d6d03
050daa0bcd9cbe6cf268780fafa1e9a544329b69ead3a4e6ecaee5f104025972
07c28f84d700d4fff8a6b60f531fc0404ff07337a9860fbb267d277658430bfb
11ca491e85ed0a879034e8182ab5eace603101a740ccc2e60d4ab4e3a6681e27
16362a89161aa8679c73802113c93a7972f3e550a1ea163ee2974090b90130f1
166c3427559c8ace2fe70a7b17de2eedcd58b64902924d65345f949ee0794288
197f0b4689fdeda9ac2f895fa65c5abc54162c5f7653f83a413fd01a7a88cee6
1eb2f41394a994494ad128de4dc3f359f84b04a300cd100a35809703460b7d48
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c32f3c538c412c3eed9009f19a50b654205ac3ec72e6d797e8a8380eabc8abb
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4557a2c25c2b046d58cae18edb4919bd11ba11fc12b9837ebf991bd014595c15
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
481d5f40293b3d9ecffaf75d9368a72c95d305cb22229a31c0b28093486187a1
49ea420fea73651c2d65d95346bb1bee41dc1c45bccb496cd1f35d1869fd1a30
5163ee3d253502f72a8cceaedefcb13b9a9f7e89d3647d5ef19fee472ee4163d
5d68c370635e8ae56145a514ca9e71f2557680492ff90783a7389f2edebcace4
62f85d49567a9094a5a509b7b52649ea5c7985854c9e42352cab9b2ae6b48169
647c7c84a7e5001720ff13b642e6cfc49eba07efb9d30f1673b2195c0597c666
670c273aa2e8a44af44aa484a96d2f06f2539e20a0f2fb75ddb8f2696c800bc0
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6b80f4c62b364a2460d0af32d91fd043ce44cc66632692c94b6c353261384b43
6cbcddba02f678dc9511c84a011c8c38109a973861fd78d85f231f173e01dffd
6de8b2c1179ef2d6bfd0875c59befbf1b08be0a6d16822635dac549e257ee5ae
6ebe62c9b77633ef4a636212371adeca54ad92f4085e9dedeb11758a11c26e89
748e2353ab2ae772a2c6515b5277598872db141dab94c0a0a9baa0a94b3fb7d4
7592b226a968b432f0fa7a2c4e9bb4bcbc3850d37340ff4e284d98af1f4eed9e
7b3de913b437482725068457133cbaa236ddd7b2cbf0e8b1df0cebc4bcf7354f
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7f1ce4a862d65402b5a079f450fe0fcec315ba7565247c86ae25f819662ad7a9
80e186074bb84ddc4a49c6e9c8c0559c963b4d52ed36b25c8fd954c994ee7cb0
885d8131082b1566c60913b7a3bbd474372d86caa0c83b946281ec11a88107aa
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ecf11dbbb6026fc363228c30df6822ba248c67782250b4b50a48823e6e8d75f
9175ce727248fe6bf3124acfded77eae0c5c7c0045a1f10d13a88fca5aa272b3
91da4a94210307f39d66c835f402f99956eea49d85d64cb0d47f98bc08c49ef5
a1347d9ce51be7b9396d657e1ad1a55d205c4822572c9f8a9a1c5e6b9889a534
a5d4a7089faf5694b3d3ecb39d4d535f750b23798d0daae6e02d57922a1e669b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab0c659c5ac7cdf587898b12640c848a3ae6d6e4dd61ab3c1b6978f2940d8778
b396cd407fcbd620ae7571c359bc1f8392059d38802309f41a16ce940f5952bc
b4daf64a838dd26c6d5caf4c60c0a9416758d2ffd2ec7772d33c2fd67a9001ef
b70b189933d83415921ba9e54475deab3b5ec504e4c46d4933f6d3a5139fc5a2
ba5fa9d26c2ea3dcedcd594f0604a42870bf6a0a1d12232c34c61a2dda41bf26
c0f32f54a2b30d8106d20cb8b32b080ec4c10f828242bfaea909d1638c702fc9
c29995303e6f00382059fd80a9e695e390640dc16f1fec02b896ab91cd4a6e3f
c72551902ae79f7b9c02a4cbad5a486f6cb46d7a6a3ce367f5765951ed8e1e50
c93fb90ee83f67cbb1eadbbe25fa8b0df6cc0f1eb2bc4cc3b25fdc033007cccc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cada67cac67b5da60515480c948ac320b11e304881910cde6ba464db9e3df76e
d2301eddf6ea01e6c093f7026a75b4b7a95a9e5d87a34fd74b8bdefae6210fb5
d84b0cd58c28f397d22a761dc27da208bda69da945c20b99a01f15c8489c9f7b
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dd362131b4f6270404e2a90a6d710b86e888de0b2a79094fcb7c16a66e51f130
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18a909efabf1ff789f032cdd4a6d6d1dde2c35bceeec68577327978b326600c
f20fbbadccccaa0ecea71fd9853b4e32fabb6084771d2417ad5f56337935e248

www.heronfinance.com Open in urlscan Pro 2606:4700:20::681a:5a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

90 %HTTPS

47 %IPv6

16 Domains

20 Subdomains

18 IPs

1 Countries

1342 kBTransfer

3668 kBSize

22 Cookies

10 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heronfinance.com Open in urlscan Pro
2606:4700:20::681a:5a7 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

90 %
HTTPS

47 %
IPv6

16
Domains

20
Subdomains

18
IPs

1
Countries

1342 kB
Transfer

3668 kB
Size

22
Cookies

79 HTTP transactions
0 data transactions