urlscan.io logo urlscan.io
SecurityTrails logo

heatonsgroup.co Open in urlscan Pro
31.220.90.51  Public Scan

Go To Rescan Add Verdict Report
URL: https://heatonsgroup.co/
Submission: On April 10 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 75 HTTP transactions. The main IP is 31.220.90.51, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is heatonsgroup.co.
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.
This is the only time heatonsgroup.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 31.220.90.51 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.16.86.20 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.45.195.28 60117 (HS)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
1 1 104.26.9.183 13335 (CLOUDFLAR...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
75 16
42    31.220.90.51 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: server2.hostmane.net
heatonsgroup.co
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
3    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    185.45.195.28 (Los Angeles, United States)

ASN60117 (HS, AE)
PTR: host.bitpaycryptorevolution.com
picton-groups.com
1    2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
1    104.26.9.183 (None, )

ASN13335 (CLOUDFLARENET, US)
code.tidio.co
8    2606:4700:20::681a:98b (United States)

ASN13335 (CLOUDFLARENET, US)
widget-v4.tidiochat.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
42 heatonsgroup.co
heatonsgroup.co
5 MB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
117 KB
8 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 30487
380 KB
3 picton-groups.com
picton-groups.com
7 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1334
225 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
translate.googleapis.com — Cisco Umbrella Rank: 1625
74 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 454
63 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 381
4 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 22824
490 B
1 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 14120
35 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 2351
31 KB
0 vitomax.net Failed
vitomax.net Failed
75 13
Domain Requested by
42 heatonsgroup.co heatonsgroup.co
8 widget-v4.tidiochat.com heatonsgroup.co
code.tidio.co
5 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com www.gstatic.com
3 picton-groups.com heatonsgroup.co
3 unpkg.com 2 redirects heatonsgroup.co
3 cdn.jsdelivr.net heatonsgroup.co
2 cdnjs.cloudflare.com
2 fonts.googleapis.com heatonsgroup.co
1 www.youtube.com heatonsgroup.co
1 translate.googleapis.com
1 code.tidio.co 1 redirects
1 cdn.plyr.io heatonsgroup.co
1 translate.google.com heatonsgroup.co
0 vitomax.net Failed heatonsgroup.co
75 15

This site contains links to these domains. Also see Links.

Domain
translate.google.com
companyregistry.kompany.com
www.trustpilot.com
Subject Issuer Validity Valid
*.heatonsgroup.co
R3		 2024-03-04 -
2024-06-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
picton-groups.com
cPanel, Inc. Certification Authority		 2024-02-20 -
2024-05-20		 3 months crt.sh
cdn.plyr.io
Cloudflare Inc ECC CA-3		 2024-03-11 -
2024-12-31		 10 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
tidiochat.com
GTS CA 1P5		 2024-03-17 -
2024-06-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://heatonsgroup.co/
Frame ID: AF8E5953395806FA7C61FE8087F14D2B
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CsPvnLIKxZ4?si=f6ym8K5dpHpcylZt
Frame ID: F62C6182E6B616F628A7171149DDDEB0
Requests: 1 HTTP requests in this frame

Frame: https://heatonsgroup.co/img/WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
Frame ID: 531CCB3B37CA40C11D7992FDE1975201
Requests: 8 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_222_0/static/js/chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
Frame ID: EDF13D9DCE1DE1211B803A7195B2F2EA
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 375D1BD5C207B4A7E57F1E09C22A919C
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: A3AF771530D9386252D97AE0F2CE3E57
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

75
Requests

95 %
HTTPS

60 %
IPv6

13
Domains

15
Subdomains

16
IPs

3
Countries

5780 kB
Transfer

8237 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://unpkg.com/tailwindcss-jit-cdn HTTP 302
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0 HTTP 302
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
Request Chain 42
  • https://code.tidio.co/ucaobvneblxrupjzfl8bmrg6uhjx97jr.js HTTP 302
  • https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heatonsgroup.co/ 		212 KB
213 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
bc98f25cf97256e89b44db85ce89bfe71ff848ebe4780f4fe7dda03c40408d21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Apr 2024 08:35:56 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
element.js
translate.google.com/translate_a/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d8a81822e8cc345f7398cf24a0afc3bfd20489df3bc4b8448855426c174bbeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 08:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cdn.min.js
cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e556bb4305210bf27a42deb66aa28dba48be99488403079e0cac7a70fdaa53b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11717
x-jsd-version
3.13.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16712
x-served-by
cache-fra-eddf8230068-FRA, cache-lga21955-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"ac4e-e+7zu4kTljpudZcs3gKHEUv46pU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjqJZo4D6ha3jM1PzjNMAOP9y1dFbm3PLazFVV3NCTdZk%2FIGDbzP628MZFwzzGD%2FcW5N2ayVIwxApbK73yFFMOjjgqb5RQnOsgLZsi70beKOAs7xxlPqCCHOQzNHjeEYyMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
872168042c600054-WAW
swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@10/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.css
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12012
x-jsd-version
10.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230084-FRA, cache-ams21080-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"4813-cVRgrthAcZRLwmt8seVl8+0QciE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utcJX2tWyHnBnXA3wgU1IKu0MYIdWRKgaiiQ7N0nWIsg3yt9MgMTP9QEe%2B0HlMZYIorTS740XzHP8wD4Idgz4BuIfI5yUT4LPmXkeAErEt%2FTcNoJjFaQdviXhQeKhhl8n18%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
872168042c5d0054-WAW
spo.css
vitomax.net/public/css/ 		0
0
spo.js
vitomax.net/public/js/ 		0
0
style.min1eb7.css
heatonsgroup.co/wp-includes/css/dist/block-library/ 		87 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-includes/css/dist/block-library/style.min1eb7.css?ver=6.0.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:28:40 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88932
Content-Type
text/css
styles42f0.css
heatonsgroup.co/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/contact-form-7/includes/css/styles42f0.css?ver=5.6.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2731
Content-Type
text/css
rs684fc.css
heatonsgroup.co/wp-content/plugins/revslider/public/assets/css/ 		60 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/revslider/public/assets/css/rs684fc.css?ver=6.4.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
d35e81c313f4bbcc4caa0031ee36a11059dff1c0266693a0fca459d12d7f5e0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Tue, 27 Apr 2021 15:09:28 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61066
Content-Type
text/css
be1cc3.css
heatonsgroup.co/wp-content/themes/betheme/css/ 		402 KB
403 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/css/be1cc3.css?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
49e425312f889f1550da74bff6321d5a547c0895c6e68803e5ac75bff7e4f175

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Fri, 02 Dec 2022 11:33:32 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
412029
Content-Type
text/css
animations.min1cc3.css
heatonsgroup.co/wp-content/themes/betheme/assets/animations/ 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/assets/animations/animations.min1cc3.css?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59453
Content-Type
text/css
fontawesome1cc3.css
heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/ 		59 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/fontawesome1cc3.css?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
da62de2d056f245ca8b100df664de366e2242082041473536747bb5465404e0b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60713
Content-Type
text/css
jplayer.blue.monday.min1cc3.css
heatonsgroup.co/wp-content/themes/betheme/assets/jplayer/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min1cc3.css?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9711
Content-Type
text/css
responsive1cc3.css
heatonsgroup.co/wp-content/themes/betheme/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/css/responsive1cc3.css?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
dd05c6edba0491dc3745b1f6eb10e4ca6bac9e9d8783083147e4b59bc79ceb9e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65025
Content-Type
text/css
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CBig+Shoulders+Text%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.0.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c46a70d93082f08642cab259b46384ac6fd7e5aa10caf105e7b8a2716cacb00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Apr 2024 08:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 08:35:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Apr 2024 08:35:56 GMT
style1eb7.css
heatonsgroup.co/wp-content/themes/betheme-child/ 		209 B
417 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme-child/style1eb7.css?ver=6.0.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
7d7d1c0e280bf428ece29fcf06aceb930039e8524a81a62860922e3b45497e76

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Thu, 12 Dec 2019 15:58:20 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209
Content-Type
text/css
jquery.minaf6c.js
heatonsgroup.co/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-includes/js/jquery/jquery.minaf6c.js?ver=3.6.0
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:28:06 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Content-Type
application/javascript
jquery-migrate.mind617.js
heatonsgroup.co/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:28:06 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Content-Type
application/javascript
rbtools.min84fc.js
heatonsgroup.co/wp-content/plugins/revslider/public/assets/js/ 		121 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/revslider/public/assets/js/rbtools.min84fc.js?ver=6.4.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Tue, 27 Apr 2021 15:09:28 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
123959
Content-Type
application/javascript
rs6.min84fc.js
heatonsgroup.co/wp-content/plugins/revslider/public/assets/js/ 		347 KB
348 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/revslider/public/assets/js/rs6.min84fc.js?ver=6.4.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
c6664feae90423891e1d41c5dac7a730d47067927a2bdee17dcdf03e8354c666

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Tue, 27 Apr 2021 15:09:28 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
355655
Content-Type
application/javascript
logo.png
heatonsgroup.co/images/ 		352 KB
352 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/logo.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
0f45b789ba89ce338d1d90abd2842a1736eef44532b2ca73ce335f1110bb5b71

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 11 Oct 2023 06:37:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
360241
Content-Type
image/png
tailwindcss-jit-cdn.umd.min.js
unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/
Redirect Chain
  • https://unpkg.com/tailwindcss-jit-cdn
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
760 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e01777daea74fe259ad4ce809edf9759b8b2e71232971f3b83f059413f0c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heatonsgroup.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2389846
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB7WQQJDYVVY9HBP3F5J5G-fra
server
cloudflare
etag
W/"bdf54-R+GO0nsBQrgGfMejCVCtNEFQ8qk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
872168062f2d3656-FRA

Redirect headers

date
Wed, 10 Apr 2024 08:35:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HRWB7WG8PSE8KJJQYG1BEB5X-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2389855
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
cache-control
public, max-age=31536000
cf-ray
87216805cedf3656-FRA
building.jpg
heatonsgroup.co/images/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/building.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
c2170be43da6b5be94bb48acdae821c4cea10f1e56a5d2dc9c322023b74ed931

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Sat, 14 Oct 2023 13:33:29 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
202719
Content-Type
image/jpeg
community.jpg
heatonsgroup.co/images/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/community.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
70bb548a9565db2aa313b108476505cb21d2b52a182602616a56dfbb43ab4477

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Sat, 14 Oct 2023 13:45:22 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155612
Content-Type
image/jpeg
chase.png
picton-groups.com/assets/homepage/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://picton-groups.com/assets/homepage/img/chase.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.45.195.28 Los Angeles, United States, ASN60117 (HS, AE),
Reverse DNS
host.bitpaycryptorevolution.com
Software
Apache /
Resource Hash
9981206ab477187eb85b1598807e7dc20b2a1647539c1d9a05aca7dbd6cff59f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Sun, 16 Jul 2023 13:26:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1975
pricehuble.png
picton-groups.com/assets/homepage/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://picton-groups.com/assets/homepage/img/pricehuble.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.45.195.28 Los Angeles, United States, ASN60117 (HS, AE),
Reverse DNS
host.bitpaycryptorevolution.com
Software
Apache /
Resource Hash
7e327745f28332a46a1397e2ab09eb7941cc963289df75d55ba1b163b86c457e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Sun, 16 Jul 2023 13:26:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2720
emarr.png
picton-groups.com/assets/homepage/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://picton-groups.com/assets/homepage/img/emarr.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.45.195.28 Los Angeles, United States, ASN60117 (HS, AE),
Reverse DNS
host.bitpaycryptorevolution.com
Software
Apache /
Resource Hash
869d64645c31e3bb70d831f48f53bbf40b89d037d68aecbb8259c83ce0bd21ad

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Sun, 16 Jul 2023 13:26:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2118
Untitled.png
heatonsgroup.co/blog/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/blog/Untitled.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
b84f2ecd74a85f61473e2c7a6373f2f820ff3676b92ce59990d329e34978f413

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Mon, 16 Oct 2023 08:14:26 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4844
Content-Type
image/png
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@10/ 		140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.js
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3422c182871135666da685419bbed480a08f51fead9546fb95965a6e47450a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12012
x-jsd-version
10.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220118-FRA, cache-ams21021-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"22ec6-XzsUsOzWFyz4l8ZPrexzRg1u7sI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZTrlN%2BnELl%2FMZuXx7sSL2wsF8ofJ8frfJs%2F3AvwKX2sOpxbIZAUy45yyJN%2FjAZKBClyoFy%2B%2F48TXsWu%2BCZ%2Bx9t%2Fkrma0v3oHAdubF%2B4RdGdG99%2FZaYKqMs6aVCcgfSd%2BNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
87216804fd4e0054-WAW
ceo.jpeg
heatonsgroup.co/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/ceo.jpeg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
f9654082e88c8aa6bd320c80f9de1eb7502de8c9f1b142f1d2fb0bc2e59aa5ff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Sat, 14 Oct 2023 14:02:22 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64705
Content-Type
image/jpeg
BlogHeader-Sept2021-01-960x485.jpg
heatonsgroup.co/wp-content/uploads/2021/09/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/wp-content/uploads/2021/09/BlogHeader-Sept2021-01-960x485.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
c6760aa8034866e1e131898c7c5a86a3b43ef29f82045ee1702e7218de647446

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Fri, 17 Sep 2021 13:59:38 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44396
Content-Type
image/jpeg
plyr.polyfilled.js
cdn.plyr.io/3.7.3/ 		115 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.3/plyr.polyfilled.js
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfeabecf2b65f8001f85f04223271a9a5d01dc1877b90896761fabb5bb10d0dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2978648
cf-polished
origSize=117843
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 20 Apr 2023 10:33:44 GMT
server
cloudflare
etag
W/"309885ec0a6d2879e0f304d21a596ffb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMxirqMZ1Oa8zlgJq%2BbG5UTroOhJIGDPHrNMgUi6wtilP39NsqR2izqwEGwCknFYUpx09fmTmX1G%2FbYdrmIx%2FZOec5m06WiYTFdGOdiiio0dtHEJlbnKIGcAUUxsy1ELXezyb7v7s60B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
87216805dd3dc2be-VIE
css
fonts.googleapis.com/ 		2 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Apr 2024 08:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 07:02:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Apr 2024 08:35:56 GMT
index42f0.js
heatonsgroup.co/wp-content/plugins/contact-form-7/includes/swv/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/contact-form-7/includes/swv/js/index42f0.js?ver=5.6.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9680
Content-Type
application/javascript
index42f0.js
heatonsgroup.co/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/plugins/contact-form-7/includes/js/index42f0.js?ver=5.6.3
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12211
Content-Type
application/javascript
core.min0028.js
heatonsgroup.co/wp-includes/js/jquery/ui/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-includes/js/jquery/ui/core.min0028.js?ver=1.13.1
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:29:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20715
Content-Type
application/javascript
tabs.min0028.js
heatonsgroup.co/wp-includes/js/jquery/ui/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-includes/js/jquery/ui/tabs.min0028.js?ver=1.13.1
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:29:08 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11937
Content-Type
application/javascript
plugins1cc3.js
heatonsgroup.co/wp-content/themes/betheme/js/ 		197 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/js/plugins1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
54766cd48bb6d7cdd9c40489d6e8caa9ccba6c5d289e016b5576bceff9093613

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201504
Content-Type
application/javascript
menu1cc3.js
heatonsgroup.co/wp-content/themes/betheme/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/js/menu1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2859
Content-Type
application/javascript
animations.min1cc3.js
heatonsgroup.co/wp-content/themes/betheme/assets/animations/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/assets/animations/animations.min1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1831
Content-Type
application/javascript
jplayer.min1cc3.js
heatonsgroup.co/wp-content/themes/betheme/assets/jplayer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/assets/jplayer/jplayer.min1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
translate3d1cc3.js
heatonsgroup.co/wp-content/themes/betheme/js/parallax/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/js/parallax/translate3d1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3963
Content-Type
application/javascript
scripts1cc3.js
heatonsgroup.co/wp-content/themes/betheme/js/ 		106 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/js/scripts1cc3.js?ver=26.5.0.4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
0513b560e944f2fe23a22bcc2c0373db842d5339356894734b3131bc528ebe13

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108064
Content-Type
application/javascript
render.af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/
Redirect Chain
  • https://code.tidio.co/ucaobvneblxrupjzfl8bmrg6uhjx97jr.js
  • https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db314bb9b59428a9474c3ed3c639808b4fa143f39d44b5e1957cb5a1fbc26485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heatonsgroup.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 08:35:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3200
etag
W/"660d07bc-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKT1ABuUQaSvlZySvZRDpjaoOQ6hAVfpmuNWaVJB%2FZ51hgaRswNEhp2x2vgZQ7Cx6krJGEoEVrQFcFJqVHVbs4vRZ53awrZctB1BXWpcwM41iNHwssfPVcfsEWqZKoZsUwaQVyTRK2dCAuvumOBLG%2BzmyXr6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
872168068f0e366f-FRA

Redirect headers

date
Wed, 10 Apr 2024 08:35:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwPGfg6n9csopLUxJ9a5l%2B%2FXniiass9X51IZekwtN6OZhvD%2FpQXpuprKqDWsd%2FkO6Zxc%2FT37WqW2vVtPcTYp2DKkUPMwwDWZHnuXB%2BWm0l0wu2fXtW%2BYAr4fs22O5xE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_222_0/static/js/render.af3d0704fbf4e7df24d9.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
872168058c2a30e2-FRA
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=wA/d=0/rs=AN8SPfpPTNr3cQN8QhzqvQYsNrDu3oHhow/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=wA/d=0/rs=AN8SPfpPTNr3cQN8QhzqvQYsNrDu3oHhow/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ONx7v47J93E.O/am=wA/d=1/rs=AN8SPfr1vGq1DAiQ-7M6U63SE_2P0jOVNQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Apr 2025 16:50:31 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ONx7v47J93E.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqKZ5NldUF1fGiaSQ8AF2_2E4uH-w/ 		208 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ONx7v47J93E.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqKZ5NldUF1fGiaSQ8AF2_2E4uH-w/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ONx7v47J93E.O/am=wA/d=1/rs=AN8SPfr1vGq1DAiQ-7M6U63SE_2P0jOVNQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
298c145eaed570133cf01c785b3722ad733e6861b1831d110168a3c4787e6d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 18:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73547
x-xss-protection
0
last-modified
Sun, 07 Apr 2024 17:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Apr 2025 18:07:22 GMT
CsPvnLIKxZ4
www.youtube.com/embed/ Frame F62C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/CsPvnLIKxZ4?si=f6ym8K5dpHpcylZt
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heatonsgroup.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 08:35:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
heatonsgroup.co/img/ Frame 531C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/img/WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash

Request headers

Referer
https://heatonsgroup.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
17229442
Content-Type
video/mp4
Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Mon, 02 Oct 2023 12:58:32 GMT
Server
nginx
IconBackground-01.jpg
heatonsgroup.co/wp-content/uploads/2019/12/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/wp-content/uploads/2019/12/IconBackground-01.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
15f0f209af8f88170c302e02a671408d39ceb2c14be980af9f63f57d86155438

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 18 Dec 2019 15:04:54 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63991
Content-Type
image/jpeg
NathanOverlap-01.jpg
heatonsgroup.co/wp-content/uploads/2019/12/ 		832 KB
832 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/wp-content/uploads/2019/12/NathanOverlap-01.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
36d81d8998e7cb5b6392c0074e06e7c0f70b5e059c2eb9de7539ba8002241ccf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 18 Dec 2019 17:23:02 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852245
Content-Type
image/jpeg
IconBackground-02.jpg
heatonsgroup.co/wp-content/uploads/2019/12/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/wp-content/uploads/2019/12/IconBackground-02.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
7b5d71b64d7cb096dc4cbc368513ca5e2e806778c2a2257810d77167e7872e1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 18 Dec 2019 15:08:46 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64472
Content-Type
image/jpeg
icons4cdc.woff
heatonsgroup.co/wp-content/themes/betheme/fonts/mfn/ 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/fonts/mfn/icons4cdc.woff?31690507
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/wp-content/themes/betheme/css/be1cc3.css?ver=26.5.0.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/wp-content/themes/betheme/css/be1cc3.css?ver=26.5.0.4
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81448
Content-Type
font/woff
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CBig+Shoulders+Text%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 02:38:45 GMT
x-content-type-options
nosniff
age
107832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 02:38:45 GMT
fa-solid-900.woff2
heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/fontawesome1cc3.css?ver=26.5.0.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/wp-content/themes/betheme/fonts/fontawesome/fontawesome1cc3.css?ver=26.5.0.4
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:57 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80300
Content-Type
font/woff2
55xxezRtP9G3CGPIf49hxc8P0eytUxBcm4Z6.woff2
fonts.gstatic.com/s/bigshoulderstext/v24/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bigshoulderstext/v24/55xxezRtP9G3CGPIf49hxc8P0eytUxBcm4Z6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CBig+Shoulders+Text%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba86a54e2a4a8425957f8dd0667a3d3048dbb9ef346a25236c3d27dc988b96e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:51:41 GMT
x-content-type-options
nosniff
age
362656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36392
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:21:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:51:41 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CBig+Shoulders+Text%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 19:07:30 GMT
x-content-type-options
nosniff
age
307707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 19:07:30 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic%7CBig+Shoulders+Text%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:29:57 GMT
x-content-type-options
nosniff
age
151560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 14:29:57 GMT
truncated
/ Frame 531C 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
heatonsgroup.co/img/ Frame 531C 		800 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/img/WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://heatonsgroup.co/img/WhatsApp%20Video%202023-10-02%20at%201.09.21%20PM.mp4
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

Content-Range
bytes 0-17229441/17229442
Date
Wed, 10 Apr 2024 08:35:58 GMT
Last-Modified
Mon, 02 Oct 2023 12:58:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
17229442
Content-Type
video/mp4
blog_masonry_tile_gradient.png
heatonsgroup.co/wp-content/themes/betheme/images/ 		241 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/wp-content/themes/betheme/images/blog_masonry_tile_gradient.png
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/wp-content/themes/betheme/css/be1cc3.css?ver=26.5.0.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
203704d53f934124b91e64055b68bf71ec38381544d80e681aef6aca5c087eb4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/wp-content/themes/betheme/css/be1cc3.css?ver=26.5.0.4
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:58 GMT
Last-Modified
Wed, 05 Oct 2022 14:03:50 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241
Content-Type
image/png
truncated
/ Frame 531C 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 531C 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 531C 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 531C 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 531C 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
first.jpg
heatonsgroup.co/images/ 		345 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/first.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
2b73e68fc81c9f226155c822498dbfea7031dd82752ad212a84eb154caad3e9f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:59 GMT
Last-Modified
Wed, 18 Oct 2023 21:43:03 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
353574
Content-Type
image/jpeg
second.jpg
heatonsgroup.co/images/ 		282 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/second.jpg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
3d3354bca55f30a4d534fd944ee0f54047fba187d149e25dc76cc443514f6e16

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:59 GMT
Last-Modified
Wed, 18 Oct 2023 21:43:11 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
289111
Content-Type
image/jpeg
third.jpeg
heatonsgroup.co/images/ 		393 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heatonsgroup.co/images/third.jpeg
Requested by
Host: heatonsgroup.co
URL: https://heatonsgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
a805e1286088995700b1b4a31d63b7b7be4352b7cfbf67fefdf7c36f37f24055

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:35:59 GMT
Last-Modified
Wed, 18 Oct 2023 21:42:53 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
402789
Content-Type
image/jpeg
chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/ Frame EDF1 		477 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/chunk-WidgetIframe-af3d0704fbf4e7df24d9.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ucaobvneblxrupjzfl8bmrg6uhjx97jr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d78855794a182656400d639c9bb336dde75dc1020be5fd8ba33f1d0199f759

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3194
etag
W/"660d07bc-774c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRElsmUajA0%2FD83Y8yG5W89Kb9AGf7jtgY4GfDV1FMgTynrrPP1bxevGklrR79Xt%2BXHTBVVgiQwbObTWfmLTEbZP%2FbYlcynXIH0BH24WFYMl7OeBlpK3zEI8yn9Youg93DrBV%2B9rgf1Kbu2CiFlXz6He12Pw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8721681dfc44366f-FRA
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame EDF1 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ucaobvneblxrupjzfl8bmrg6uhjx97jr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660d07b7-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNEeOip%2F5qxh7QlI3wU5t8uEgnl4SWzZN%2Fm7sIUCFNsVo5RiAAHibzn7MCEIWmiJe2GLe4jQV27uH0hGnf4kqEiVBldbULpm8naqWOrUG50hw8fWMFO4lSQX3ICEiOYdtEqT3BPvBuvKIfqAn5s%2FumV0hVgu"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8721681e7b8f39ee-FRA
content-length
27400
truncated
/ Frame 375D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 13:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Apr 2025 13:05:52 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 02:05:12 GMT
x-content-type-options
nosniff
age
196248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 08 Apr 2025 02:05:12 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=wA/d=0/rs=AN8SPfpPTNr3cQN8QhzqvQYsNrDu3oHhow/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=wA/d=0/rs=AN8SPfpPTNr3cQN8QhzqvQYsNrDu3oHhow/m=el_main_css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 07:41:01 GMT
x-content-type-options
nosniff
age
89699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Apr 2025 07:41:01 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame EDF1 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1329123
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Wed, 20 Mar 2024 10:18:04 GMT
server
cloudflare
etag
"65fab7dc-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrPzBFiWbd906w%2BFvNPk1nobBIrPOC8%2BLqLfjF%2FlkEOqqCiTcGP9x0em1795UzOLmQ8qAO7k1nBVECTMdSHDMRtusG36qFr5Mc8Jem8MKRDOaBdY9qmOtmsmEFPWZkxlHqqZkdkWtZ9uhnq1fWS2VTUmTyUH"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8721681edd0d366f-FRA
expires
Mon, 08 Apr 2024 23:23:57 GMT
favicon.ico
heatonsgroup.co/ 		1 B
211 B 		Other
General
Check archive.org
Download Go to
Full URL
https://heatonsgroup.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.220.90.51 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.hostmane.net
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 08:36:00 GMT
Last-Modified
Wed, 14 Dec 2016 23:14:22 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Content-Type
image/x-icon
widget.af3d0704fbf4e7df24d9.js
widget-v4.tidiochat.com/1_222_0/static/js/ Frame EDF1 		493 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_222_0/static/js/widget.af3d0704fbf4e7df24d9.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ucaobvneblxrupjzfl8bmrg6uhjx97jr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9164e2da80f2b2459b5f4bbf935a01849637db4dd93055458c1c34d58f4d403a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3192
etag
W/"660d07bc-7b4f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3P0W16W%2BYwlV1ohbYmTwI75g44oVdsiwzeiEspBBfqkB5kCEYt9%2BpCjxip9foKZY6CrGwXEsdW5NkwRz731VPoa1649KZaZfVJtoFAtRwXnx7Hy1zjVw%2FiD7g37ABcqo%2B%2B%2BdsZACjmN4MvNwueG4RObWUcc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8721681f2d57366f-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame EDF1 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1329123
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Wed, 20 Mar 2024 10:18:04 GMT
server
cloudflare
etag
"65fab7dc-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42esoTtEl5SuV0Tet%2FMQRRyTyHCMvtUfFmBOJvMhLipx3QDSYEmGRmSTAm1up0EzKYqN%2FbAwtzxg4G6vQOO4l42pycT3i3TAKjPXLwcHLn84ZNXuISjqsiw7VxJOyFIJjaPuBWkB8o%2Bwwpg%2BaPfWd2UOPGFR"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8721681fbddb366f-FRA
expires
Mon, 08 Apr 2024 23:23:57 GMT
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame A3AF 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:00 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"660d07b7-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQDDC7ZyMPtjSa9z3e6sebTlEahgOZ06%2BwtyEQvGmYOh4KY2dCDAYSe0Y8Dzx4fmiUTDqtxEFNcNhu2jSLQLVufZ8ShmcMF9Jhbg0NHxi4SdP9DvM3z8sMmFf9Cd%2FrcJqC%2Bd1aWZ0b7U%2BhNbA4vKtf85GHwX"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
872168222f7e39ee-FRA
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame A3AF 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1563322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2G8RNbvAWzoLKXLMnEkSXY3XvYA0k99NUsuEjD5oR7%2Fw3s60bnIiGLqiq2xxDRQ5KLQCtYGwkeObgHLLW7g5jHO%2FbbWpFYUS1Uf5vWwqteCE2v4IzDjxOZQquEOTqY8Ac401YvAW"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87216823b9c79f14-FRA
expires
Mon, 31 Mar 2025 08:36:01 GMT
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame A3AF 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
Origin
https://heatonsgroup.co
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:02 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 07:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
etag
"660d07b7-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGYxtyJXjy2LPDcnVCv7d8%2FJBJWl29bGFXenW2%2F9ogN2nCjOs7bfVhDk3%2FZCFqR0imM%2F5EPJZnKtTalJ3SAJ8NVEpf5KhqGL0fKX6XHGf%2FbR%2BWlwFMlEP1MRQJG7bDOc6wCDuVPCFcfKIuhhsfPvCe1Q4npf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
87216828df6939ee-FRA
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame A3AF 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://heatonsgroup.co/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 08:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1563323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brhCzt7pHxn1%2B8d%2FaFOgjMoEfBd71M%2Fcl%2BC4GfYya8GsVV4btlcOcgMgfrN6voUzKBdjtpbnHUjy4J4hyS118KsLeZgUEgF%2FXlWacsxm5pA5Jh3zVIPRWVqXsoDDtZTa426SeKqT"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87216828ff469f14-FRA
expires
Mon, 31 Mar 2025 08:36:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vitomax.net
URL
https://vitomax.net/public/css/spo.css
Domain
vitomax.net
URL
https://vitomax.net/public/js/spo.js

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google undefined| $ function| jQuery object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor function| setREVStartSize object| regeneratorRuntime function| _ object| tailwindCSS object| tailwindcss-jit-cdn string| /htmlInput function| Swiper function| Plyr object| swv object| wpcf7 object| mfn number| slideIndex number| currentSlideIndex object| slideArray function| Slide object| walkingDead object| bigBang object| LastMan function| buildSlider function| prevSlide function| nextSlide function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| NiceScroll object| StickySidebar function| Waypoint function| animateElement function| randomClass function| animateOnce function| animateInfinite function| animateEnd string| triggerClasses object| classesArray number| classAmount object| mfnSetup object| SENTRY_RELEASE object| tidioChatApi object| Alpine string| waypointContextKey object| closure_lm_342237

4 Cookies

Domain/Path Name / Value
.heatonsgroup.co/ Name: PHPSESSID
Value: 5klspi5m3smiqm6hpguf27q0c1
.youtube.com/ Name: YSC
Value: sAJDodydVQU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: NhQ2UihEcmQ
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgNw%3D%3D

29 Console Messages

Source Level URL
Text
network error URL: https://vitomax.net/public/css/spo.css
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://vitomax.net/public/js/spo.js
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://heatonsgroup.co/wp-content/themes/betheme/assets/jplayer/jplayer.min1cc3.js?ver=26.5.0.4
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://heatonsgroup.co/(Line 5003)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://heatonsgroup.co/(Line 5494)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5494)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5494)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5534)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5890)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5890)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5890)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5893)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5893)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/(Line 5893)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heatonsgroup.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.plyr.io
cdnjs.cloudflare.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
heatonsgroup.co
picton-groups.com
translate.google.com
translate.googleapis.com
unpkg.com
vitomax.net
widget-v4.tidiochat.com
www.gstatic.com
www.youtube.com
vitomax.net
104.16.86.20
104.17.25.14
104.26.9.183
142.250.74.195
185.45.195.28
2606:4700:20::681a:98b
2606:4700:21::681b:c358
2606:4700::6811:f6cb
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2003
31.220.90.51
01e01777daea74fe259ad4ce809edf9759b8b2e71232971f3b83f059413f0c99
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0513b560e944f2fe23a22bcc2c0373db842d5339356894734b3131bc528ebe13
0f45b789ba89ce338d1d90abd2842a1736eef44532b2ca73ce335f1110bb5b71
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
15f0f209af8f88170c302e02a671408d39ceb2c14be980af9f63f57d86155438
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
203704d53f934124b91e64055b68bf71ec38381544d80e681aef6aca5c087eb4
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
298c145eaed570133cf01c785b3722ad733e6861b1831d110168a3c4787e6d91
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2b73e68fc81c9f226155c822498dbfea7031dd82752ad212a84eb154caad3e9f
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d81d8998e7cb5b6392c0074e06e7c0f70b5e059c2eb9de7539ba8002241ccf
3d3354bca55f30a4d534fd944ee0f54047fba187d149e25dc76cc443514f6e16
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86
49e425312f889f1550da74bff6321d5a547c0895c6e68803e5ac75bff7e4f175
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
54766cd48bb6d7cdd9c40489d6e8caa9ccba6c5d289e016b5576bceff9093613
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
5d8a81822e8cc345f7398cf24a0afc3bfd20489df3bc4b8448855426c174bbeb
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
70bb548a9565db2aa313b108476505cb21d2b52a182602616a56dfbb43ab4477
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb
7b5d71b64d7cb096dc4cbc368513ca5e2e806778c2a2257810d77167e7872e1c
7d7d1c0e280bf428ece29fcf06aceb930039e8524a81a62860922e3b45497e76
7e327745f28332a46a1397e2ab09eb7941cc963289df75d55ba1b163b86c457e
869d64645c31e3bb70d831f48f53bbf40b89d037d68aecbb8259c83ce0bd21ad
8c46a70d93082f08642cab259b46384ac6fd7e5aa10caf105e7b8a2716cacb00
9164e2da80f2b2459b5f4bbf935a01849637db4dd93055458c1c34d58f4d403a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96d78855794a182656400d639c9bb336dde75dc1020be5fd8ba33f1d0199f759
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
9981206ab477187eb85b1598807e7dc20b2a1647539c1d9a05aca7dbd6cff59f
a805e1286088995700b1b4a31d63b7b7be4352b7cfbf67fefdf7c36f37f24055
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b84f2ecd74a85f61473e2c7a6373f2f820ff3676b92ce59990d329e34978f413
ba86a54e2a4a8425957f8dd0667a3d3048dbb9ef346a25236c3d27dc988b96e9
bc98f25cf97256e89b44db85ce89bfe71ff848ebe4780f4fe7dda03c40408d21
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfeabecf2b65f8001f85f04223271a9a5d01dc1877b90896761fabb5bb10d0dd
c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4
c2170be43da6b5be94bb48acdae821c4cea10f1e56a5d2dc9c322023b74ed931
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6664feae90423891e1d41c5dac7a730d47067927a2bdee17dcdf03e8354c666
c6760aa8034866e1e131898c7c5a86a3b43ef29f82045ee1702e7218de647446
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b
d3422c182871135666da685419bbed480a08f51fead9546fb95965a6e47450a3
d35e81c313f4bbcc4caa0031ee36a11059dff1c0266693a0fca459d12d7f5e0a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
da62de2d056f245ca8b100df664de366e2242082041473536747bb5465404e0b
db314bb9b59428a9474c3ed3c639808b4fa143f39d44b5e1957cb5a1fbc26485
dd05c6edba0491dc3745b1f6eb10e4ca6bac9e9d8783083147e4b59bc79ceb9e
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e556bb4305210bf27a42deb66aa28dba48be99488403079e0cac7a70fdaa53b3
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f9654082e88c8aa6bd320c80f9de1eb7502de8c9f1b142f1d2fb0bc2e59aa5ff