heg.com.au Open in urlscan Pro
192.124.249.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sm3.b64.mywebsitetransfer.com/
Effective URL:
https://heg.com.au/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On March 05 via api (March 5th 2024, 7:53:56 pm UTC) from IT — Scanned from SG

Summary HTTP 158 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 158 HTTP transactions. The main IP is 192.124.249.111, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is heg.com.au.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 10th 2023. Valid for: a year.

This is the only time heg.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.113.223 184.168.113.223	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
96	192.124.249.111 192.124.249.111	30148 (SUCURI-SEC) (SUCURI-SEC)
4	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
7	99.86.91.48 99.86.91.48	16509 (AMAZON-02) (AMAZON-02)
14	172.253.118.106 172.253.118.106	15169 (GOOGLE) (GOOGLE)
3	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
5	142.251.175.94 142.251.175.94	15169 (GOOGLE) (GOOGLE)
13	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
2	52.42.87.42 52.42.87.42	16509 (AMAZON-02) (AMAZON-02)
8	44.238.180.134 44.238.180.134	16509 (AMAZON-02) (AMAZON-02)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
2	44.236.148.180 44.236.148.180	16509 (AMAZON-02) (AMAZON-02)
158	12

1 184.168.113.223 (Singapore, Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 223.113.168.184.host.secureserver.net

sm3.b64.mywebsitetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 192.124.249.111 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10111.sucuri.net

heg.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.95 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.91.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-48.cdg50.r.cloudfront.net

connect.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.253.118.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.175.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.87.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-87-42.us-west-2.compute.amazonaws.com

lab.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.238.180.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-180-134.us-west-2.compute.amazonaws.com

mind-flayer.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.148.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-148-180.us-west-2.compute.amazonaws.com

api2.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	heg.com.au heg.com.au	2 MB
18	gstatic.com fonts.gstatic.com www.gstatic.com	2 MB
15	podium.com connect.podium.com — Cisco Umbrella Rank: 30577 mind-flayer.podium.com — Cisco Umbrella Rank: 31134 avatars.podium.com Failed	344 KB
14	google.com www.google.com — Cisco Umbrella Rank: 2	115 KB
4	analyticspodium.com lab.analyticspodium.com — Cisco Umbrella Rank: 30170 api2.analyticspodium.com — Cisco Umbrella Rank: 28841	6 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	152 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	mywebsitetransfer.com 1 redirects sm3.b64.mywebsitetransfer.com	461 B
158	9

	Domain	Requested by
96	heg.com.au	heg.com.au connect.facebook.net
14	www.google.com	heg.com.au www.gstatic.com www.google.com
13	www.gstatic.com	www.google.com
8	mind-flayer.podium.com	connect.podium.com
7	connect.podium.com	heg.com.au connect.podium.com
5	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	heg.com.au
3	connect.facebook.net	heg.com.au connect.facebook.net
2	api2.analyticspodium.com	connect.podium.com
2	lab.analyticspodium.com	connect.podium.com
1	www.facebook.com	heg.com.au
1	sm3.b64.mywebsitetransfer.com	1 redirects
0	avatars.podium.com Failed
158	13

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
youtu.be
shop.heg.com.au
www.domain.com.au
www.google.com

Subject Issuer	Validity	Valid
heg.com.au Go Daddy Secure Certificate Authority - G2	`2023-12-10` - `2024-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.podium.com Amazon RSA 2048 M02	`2023-05-24` - `2024-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.analyticspodium.com Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://heg.com.au/
Frame ID: D5A2FAB8D758127CDCB9A15FA8C45426
Requests: 120 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=rbr1bifu5ov5
Frame ID: 27CAB0E0AC42A3E5425B6C541DDA3E6C
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=7zcl1kohbfe2
Frame ID: F30BBFB601ECD697CA8C62679947A09A
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=acjj6hng0krh
Frame ID: C599B97E150C6D32576E388BB2E2B1C5
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA
Frame ID: EFEB87C551838CCA736AC9DA1CD32FAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA
Frame ID: 63C8531E7EB7052318E3ECAB0E6A0969
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA
Frame ID: 4757A91325D2492F8A5D1A1D35CFB9F7
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: EF5434A8207C3570E95F43BCA78BD9E5
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 1ABBC54A6E3F70A27AC04428198BEC7D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HEG : Home Efficiency Group

Page URL History Show full URLs

http://sm3.b64.mywebsitetransfer.com/ HTTP 301
https://heg.com.au/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

158
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

4252 kB
Transfer

11020 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/home-efficiency-group/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HomeEfficiencyGroup

Search URL Search Domain Scan URL

URL: https://youtu.be/N0DDKfK3lbY

Search URL Search Domain Scan URL

URL: https://shop.heg.com.au/
Title: DIY e-Catalogue

Search URL Search Domain Scan URL

URL: http://shop.heg.com.au/
Title: Catalog

Search URL Search Domain Scan URL

URL: https://www.domain.com.au/news/energy-efficient-homes-can-sell-for-as-much-as-10-per-cent-more-research-shows-923202/
Title: current research

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HomeEfficiencyGroup/reviews/
Title: <img class="alignnone wp-image-11407" src="https://heg.com.au/wp-content/uploads/REVIEW-LOGO-facebook-1-300x136.png" alt="" width="232" height="105" srcset="https://heg.com.au/wp-content/uploads/REVIEW-LOGO-facebook-1-300x136.png 300w, https://heg.com.au/wp-content/uploads/REVIEW-LOGO-facebook-1-768x348.png 768w, https://heg.com.au/wp-content/uploads/REVIEW-LOGO-facebook-1.png 800w" sizes="(max-width: 232px) 100vw, 232px" />

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/HEG+:+Home+Efficiency+Group/@-41.4126297,147.1303631,17z/data=!4m7!3m6!1s0xaa6e759955555555:0x15437b620998fea8!8m2!3d-41.4126297!4d147.1325518!9m1!1b1
Title: <img class="alignnone wp-image-11405" src="https://heg.com.au/wp-content/uploads/Google-Business-Reviews-300x103.png" alt="Google Business Reviews" width="218" height="75" srcset="https://heg.com.au/wp-content/uploads/Google-Business-Reviews-300x103.png 300w, https://heg.com.au/wp-content/uploads/Google-Business-Reviews.png 500w" sizes="(max-width: 218px) 100vw, 218px" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sm3.b64.mywebsitetransfer.com/ HTTP 301
https://heg.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

158 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heg.com.au/
Redirect Chain

http://sm3.b64.mywebsitetransfer.com/
https://heg.com.au/

278 KB
34 KB

223ms
36ms

Document
text/html

192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

0231e6b4b64a14c310f164932251b2dd0bb80940851923e287709b963e814c86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 34291
content-security-policy: upgrade-insecure-requests; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 19:53:42 GMT
link: <https://heg.com.au/wp-json/>; rel="https://api.w.org/", <https://heg.com.au/wp-json/wp/v2/pages/7598>; rel="alternate"; type="application/json", <https://heg.com.au/>; rel=shortlink
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-tag: 52e_HTTP.200
x-sucuri-cache: HIT
x-sucuri-id: 18011
x-xss-protection: 1; mode=block

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 19:53:42 GMT
Keep-Alive: timeout=5
Location: https://heg.com.au/
Server: Apache
Strict-Transport-Security: max-age=300
Upgrade: h2,h2c
Vary: Accept-Encoding
X-LiteSpeed-Tag: 52e_HTTP.200,52e_HTTP.301
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress

GET
H2 200 layerslider.css
heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/css/ 22 KB
4 KB 51ms
50ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3971
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:49:26 GMT
server: nginx
etag: "761105-5883-5aed87fed9980-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
heg.com.au/wp-includes/css/dist/block-library/ 79 KB
10 KB 55ms
55ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/css/dist/block-library/style.min.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 9945
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
etag: "561b74-13abe-5cae72efad580-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
heg.com.au/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 55ms
55ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 849
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:34:25 GMT
server: nginx
etag: "92199e-aab-5cfce5a1766df-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
heg.com.au/wp-content/themes/cesis/ 371 KB
45 KB 98ms
97ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/style.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

9fcda38a7161e400905981bc70d1c7c3ef1088a7289878d5cba30d7444cc63f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 45734
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:51 GMT
server: nginx
etag: "721e84-5cb49-5aed6c98934c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_media_queries.css
heg.com.au/wp-content/themes/cesis/css/ 9 KB
2 KB 158ms
158ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/css/cesis_media_queries.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

8625b8efb2e7cec893a6d5c5f2854c3033c182ea0961665c810cb10426f03b3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1934
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:51 GMT
server: nginx
etag: "9612b8-24a0-5aed6c98934c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_plugins.css
heg.com.au/wp-content/themes/cesis/css/ 111 KB
10 KB 158ms
158ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/css/cesis_plugins.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

5db5f9c12c0f6cddabb29e0ac73f3d3084ede054673bfcf60a7c8295ec66e5de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 10006
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:51 GMT
server: nginx
etag: "9612b9-1bca2-5aed6c98934c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_icons.css
heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/ 68 KB
11 KB 238ms
237ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/cesis_icons.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

8fe444b84e3551de4addd1260d27117a520b18e0f29b6b10a12ce9e6788e1192

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 10960
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:50 GMT
server: nginx
etag: "96131c-10ef9-5aed6c979f280-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 34 KB
2 KB 866ms
100ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C70%7COpen+Sans%3A300%2C400%2C600%2C700%7CRoboto%3A400%2C500%2C700%2C900&subset=latin%2Clatin-ext

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

3cc317602c660405911229b8e6d52effae2c736feec908c77092b30e0c8ba52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 19:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 19:53:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 19:53:43 GMT

GET
H2 200 admin-ajax.php
heg.com.au/wp-admin/ 79 KB
11 KB 1802ms
1801ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-admin/admin-ajax.php?action=dynamic_css&ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

67b54513de64444d6400b8c9553556c608cc15c1429bd37cd1dc75bd2dae6eae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:44 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300
content-encoding: gzip
x-sucuri-cache: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Feb 2021 18:13:04 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset: UTF-8;charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-sucuri-id: 18011
x-robots-tag: noindex
expires: Wed, 10 Feb 2021 18:13:04 GMT

GET
H2 200 js_composer.min.css
heg.com.au/wp-content/plugins/js_composer/assets/css/ 474 KB
41 KB 237ms
237ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.3.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 41022
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:50:34 GMT
server: nginx
etag: "8a1bb4-76828-5aed883fb3280-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pum-site-styles.css
heg.com.au/wp-content/uploads/pum/ 16 KB
3 KB 247ms
246ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/uploads/pum/pum-site-styles.css?generated=1598601026&ver=1.11.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

8bd29dc9e61cd8bd7934aa3a807f2e1b6deff63e681fe288978521663291774f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3005
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Aug 2020 07:50:26 GMT
server: nginx
etag: "961b9b-3f18-5adeb4e4ad480-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 the-grid.min.css
heg.com.au/wp-content/plugins/the-grid/frontend/assets/css/ 43 KB
7 KB 246ms
246ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

9dab9e4666c7c0eadfdccf980e551cbe52ea71918ad2760feabd34f4dac3c003

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 7170
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:34:25 GMT
server: nginx
etag: "9219cf-ab5a-5cfce5a18d22a-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome-social.css
heg.com.au/wp-content/themes/cesis/admin/redux-extensions/extensions/dev_iconselect/dev_iconselect/include/fontawesome/css/ 10 KB
3 KB 246ms
246ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/admin/redux-extensions/extensions/dev_iconselect/dev_iconselect/include/fontawesome/css/font-awesome-social.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

10ab8b6f59e29954e4297f493bea24b7c83d6fe409d09a591874d43cd43ba6b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2314
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "80160f-280e-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 861ms
99ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C500%7CRoboto+Slab%3A400%7CPoppins%3A700%2C600%7COpen+Sans%3A400&ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

cda361d0682960cd942e17e52b286687a44a9eddd0a29ea5ad25bdc2e32f4873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 19:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 19:53:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 19:53:43 GMT

GET
H2 200 greensock.js Show response
heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/ 119 KB
40 KB 245ms
245ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

0d5d31daf049b4444184f5a7dab253c49bf1ba86b1ce5e182c0ca99dae382804

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 40331
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:49:26 GMT
server: nginx
etag: "76110d-1dd7f-5aed87fed9980-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
heg.com.au/wp-includes/js/jquery/ 87 KB
30 KB 245ms
244ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 30310
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: "941670-15db1-5bd3006388300-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
heg.com.au/wp-includes/js/jquery/ 11 KB
4 KB 244ms
244ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3998
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: "941668-2bd8-5b45debe27b80-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.kreaturamedia.jquery.js Show response
heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/ 123 KB
44 KB 244ms
243ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

fef6d1fd3fe4b01f07b669cbd32fbf0eeb611bbd8df226e0ea303ad4aa1fa961

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 44643
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:49:26 GMT
server: nginx
etag: "76110f-1edce-5aed87fed9980-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.transitions.js Show response
heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/ 23 KB
3 KB 243ms
243ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3086
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:49:26 GMT
server: nginx
etag: "761110-5d17-5aed87fed9980-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
heg.com.au/wp-includes/js/ 18 KB
5 KB 39ms
39ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/wp-emoji-release.min.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:44 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 4542
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: "8617b8-4705-5c4487ddedc00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget.js Show response
connect.podium.com/ 678 KB
191 KB 2506ms
1317ms Script
application/javascript 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/widget.js
Requested by: Host: heg.com.au
URL: https://heg.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de548a8d4e7ca7f4e8c2f5511a22ce62d48685dcb3585fc41648deaaf5a3defc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:24:02 GMT
content-encoding: gzip
via: 1.1 e225339d299ad31ad0818dbdb8c65826.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 1785
etag: "2c1118e5cbd88302f6e29fd272f8017a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 194511
x-amz-cf-id: xnNIqu8lvC67zcCwKTXSByQUMmmFRktUrt8lR11wY2-vZvByDUAJQg==

GET
H2 200 fonts.css
heg.com.au/wp-content/uploads/redux/custom-fonts/ 0
434 B 1630ms
1613ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1709661135

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:44 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: MISS
content-length: 1
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Oct 2021 00:19:53 GMT
server: nginx
etag: "961ba5-0-5ce4509a176f7-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 819ms
101ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 19:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 19:41:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 19:53:43 GMT

GET
H2 200 animate.min.css
heg.com.au/wp-content/plugins/js_composer/assets/lib/bower/animate-css/ 51 KB
4 KB 395ms
379ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.3.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3430
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:50:31 GMT
server: nginx
etag: "8a1d8d-caa8-5aed883cd6bc0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 choices.min.css
heg.com.au/wp-content/plugins/wpforms/assets/css/ 11 KB
2 KB 396ms
379ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/css/choices.min.css?ver=9.0.1

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

62d9ec7bc6d8d7c262fd378bd7ec9d66f52bb0f8e390004bb023148fa88de65d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1853
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921156-2d8d-5cfce52dd5cc5-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 password.min.css
heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/ 881 B
675 B 396ms
380ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/password.min.css?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

148fa343f9798f282a1b31f6f29dbaac940c4df96849404f14602c100fd67a03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 240
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217a5-371-5cfce52e01032-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intl-tel-input.min.css
heg.com.au/wp-content/plugins/wpforms/pro/assets/css/vendor/ 79 KB
5 KB 396ms
381ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/css/vendor/intl-tel-input.min.css?ver=17.0.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

dcec1bb908e57713b4739dc0e93cdb10620daa8075b64d67f0ca086f6184594b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 5012
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921787-13a27-5cfce52e0047a-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dropzone.min.css
heg.com.au/wp-content/plugins/wpforms/pro/assets/css/ 6 KB
2 KB 397ms
381ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/css/dropzone.min.css?ver=5.7.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

9932efc62eb44589ec8a1ad3fa7f4a8756534326394d281ee4da14b51f59e871

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1619
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921798-162e-5cfce52e00c4a-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modal-views.min.css
heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/richtext/ 6 KB
2 KB 403ms
387ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/richtext/modal-views.min.css?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

1b4399ea13ecb6a6617a480b0dbd7f44c1a2a3c5ab35ec20987e1c2bcda956c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1324
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217a3-1917-5cfce52e01032-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
heg.com.au/wp-includes/css/ 58 KB
35 KB 404ms
388ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/css/dashicons.min.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 35109
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
etag: "4e1325-e688-5bca85cdbf580-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 editor.min.css
heg.com.au/wp-includes/css/ 27 KB
6 KB 405ms
389ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/css/editor.min.css?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

3ae0c9b0e86a97ded8a6a3da53df7940dffe17ea6247584e0e192ca4ad5a0e39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 5671
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Apr 2021 22:58:05 GMT
server: nginx
etag: "4e1329-6a34-5c0979cb11940-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-base.min.css
heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/richtext/ 6 KB
1 KB 405ms
389ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/css/fields/richtext/frontend-base.min.css?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

83d597fb0b3e0c151b654d642ead654d7678958d9f7fca855aca1899705eae94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 854
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "92179f-172d-5cfce52e00c4a-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.timepicker.css
heg.com.au/wp-content/plugins/wpforms/assets/css/ 1 KB
794 B 418ms
402ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/css/jquery.timepicker.css?ver=1.11.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

cb450f20183b467cf163e0283c7eb98c99c4fd63f49bf195b25a8f94f27a4f0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 359
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921144-5da-5cfce52dd58dd-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.css
heg.com.au/wp-content/plugins/wpforms/assets/css/ 16 KB
3 KB 417ms
403ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/css/flatpickr.min.css?ver=4.6.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2826
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921155-3ed2-5cfce52dd5cc5-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpforms-base.min.css
heg.com.au/wp-content/plugins/wpforms/assets/css/ 21 KB
4 KB 418ms
404ms Stylesheet
text/css 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/css/wpforms-base.min.css?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

ef4743b35a4bd292ce1e70438c1fcb41fd34618ad058c3d2b50980a3b5ed3a36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3375
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "921147-5531-5cfce52dd58dd-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 regenerator-runtime.min.js Show response
heg.com.au/wp-includes/js/dist/vendor/ 6 KB
3 KB 418ms
405ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2312
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
etag: "8e1cdf-1906-5c563acace740-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
heg.com.au/wp-includes/js/dist/vendor/ 16 KB
6 KB 419ms
405ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 5808
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
etag: "8e1cef-4056-5c4c2122a12c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
heg.com.au/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 507ms
494ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3534
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:34:25 GMT
server: nginx
etag: "9219a7-2e56-5cfce5a176ac7-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
961 B 55ms
54ms Script
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

3c7957bce710a6ea1eea5e23bb5fb148a463d95a91feafca15d73c987661da38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:53:46 GMT

GET
H2 200 cesis_collapse.js Show response
heg.com.au/wp-content/themes/cesis/js/ 5 KB
2 KB 508ms
495ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_collapse.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e03e8c980759f7a1f77046a8d9f09a918c1e8e8fc68914b6f2beff3e34a45066

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1418
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613b5-14ba-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_countup.js Show response
heg.com.au/wp-content/themes/cesis/js/ 7 KB
2 KB 508ms
495ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_countup.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

b2ce006758cfb4f12f996d3acec455289405d24aa4891027554b5b544b585e05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1906
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613b6-1ca5-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_easing.js Show response
heg.com.au/wp-content/themes/cesis/js/ 5 KB
2 KB 509ms
496ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_easing.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

41dbff04fe2fd324a4b049a6a1f1fa1ae7f7bd1df789b647c8565cd268ac982a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1723
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613b8-146b-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_fittext.js Show response
heg.com.au/wp-content/themes/cesis/js/ 1 KB
970 B 510ms
497ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_fittext.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

5140d086598458faaec671f85f7ceb27414ae23f188888a655af560d5cdc8cc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 525
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613b9-449-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fitvids.js Show response
heg.com.au/wp-content/themes/cesis/js/ 3 KB
2 KB 510ms
498ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/fitvids.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

64f9e1a96ce82fb49590f8d93fba3911753a562a49259cea76c371202cac5b18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1169
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613bf-d6b-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonticonpicker.js Show response
heg.com.au/wp-content/themes/cesis/js/ 12 KB
3 KB 511ms
498ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/fonticonpicker.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

3c96a0133005c8e7885757c4a9726e52e90bd841ec31bb17e22dc283d9ee6628

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3047
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c0-3144-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightgallery.js Show response
heg.com.au/wp-content/themes/cesis/js/ 31 KB
8 KB 511ms
499ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/lightgallery.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

28936d7d854132e9eeb18487d36db24f00a69579ca68fa8392e971e80198f5bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 7506
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c2-7a3c-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owlcarousel.js Show response
heg.com.au/wp-content/themes/cesis/js/ 40 KB
11 KB 512ms
500ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/owlcarousel.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

ae346c6f8eaa5ebf96ee03e8ed58f9c2dc6d1c36148f7aa3690e21998e578e4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 10480
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c3-9eeb-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scrollmagic.js Show response
heg.com.au/wp-content/themes/cesis/js/ 142 KB
45 KB 512ms
501ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/scrollmagic.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

80397e47e371a0c58745877e90ecbd4dc00861758b4af63686089b544cf27456

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 45654
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c4-23782-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_transition.js Show response
heg.com.au/wp-content/themes/cesis/js/ 2 KB
1017 B 518ms
507ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_transition.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

8fea986c7e721c0067b26eb87ebe1e3d6c39cf3ec7a1d5b056023c2a7d6ab885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 572
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613bb-632-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartmenus.js Show response
heg.com.au/wp-content/themes/cesis/js/ 25 KB
7 KB 519ms
508ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/smartmenus.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

0f9ee863dc0f0b7e60c7ecbd8acb70188f1f6995e39dd2015e16cdd26901e2af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 6969
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c5-62a8-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isotope.js Show response
heg.com.au/wp-content/themes/cesis/js/ 47 KB
13 KB 581ms
570ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/isotope.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

275901c25e8edc563da3aaebe37e7432d60d69876a1504aeaaaeac549f5f3492

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 12913
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c1-bccf-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 waypoints.js Show response
heg.com.au/wp-content/themes/cesis/js/ 9 KB
3 KB 585ms
574ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/waypoints.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

ab53772279b1ec3b386a24792d1d667ec42e9a20623ab2baabf72e351270b806

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2611
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613c6-237a-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cesis_custom.js Show response
heg.com.au/wp-content/themes/cesis/js/ 94 KB
18 KB 589ms
579ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/js/cesis_custom.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

eb3df5f63983457802eacc40f7200cfd91424876308c5a4fde148953b22b61f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 18090
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:49 GMT
server: nginx
etag: "9613b7-17721-5aed6c96ab040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer_front.min.js Show response
heg.com.au/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 600ms
590ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.3.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 5581
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:50:33 GMT
server: nginx
etag: "8a1c40-50d9-5aed883ebf040-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
heg.com.au/wp-includes/js/jquery/ui/ 20 KB
7 KB 605ms
595ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 6596
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
etag: "961c52-5133-5bdd334ac27c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pum-site-scripts.js Show response
heg.com.au/wp-content/uploads/pum/ 56 KB
15 KB 606ms
596ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1598601027&ver=1.11.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

11317e706cc711a66dd03f4e8e1b83f42f6ea2852e9c15e15c9335691fe8e367

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 15290
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Aug 2020 07:50:26 GMT
server: nginx
etag: "961b9a-df5d-5adeb4e4ad480-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smush-lazy-load.min.js Show response
heg.com.au/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 618ms
608ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.15.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

d09b448804842c6236c199c2fba8f38f7be0a8c5a75f38f234631428b5f35ee3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3553
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 21:59:17 GMT
server: nginx
etag: "6e08f1-1ef2-610e5ec48481e-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 effect.min.js Show response
heg.com.au/wp-includes/js/jquery/ui/ 17 KB
6 KB 619ms
609ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/jquery/ui/effect.min.js?ver=1.12.1

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 6158
x-xss-protection: 1; mode=block
last-modified: Tue, 11 May 2021 20:12:15 GMT
server: nginx
etag: "961c7a-4210-5c213829c45c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 the-grid.min.js Show response
heg.com.au/wp-content/plugins/the-grid/frontend/assets/js/ 95 KB
28 KB 654ms
644ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/the-grid/frontend/assets/js/the-grid.min.js?ver=2.7.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

6aabd5ad1e5c3f49e7e965433d509d402826869bae958ee412eaf3a56240d511

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 28089
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:34:25 GMT
server: nginx
etag: "9219d6-17c73-5cfce5a18d22a-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
heg.com.au/wp-includes/js/ 1 KB
1 KB 700ms
691ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/wp-embed.min.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 703
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 19:38:58 GMT
server: nginx
etag: "8617b5-5c6-5fbd4b8f53224-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vc-waypoints.min.js Show response
heg.com.au/wp-content/plugins/js_composer/assets/lib/vc_waypoints/ 9 KB
3 KB 701ms
691ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.3.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2687
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 02:50:32 GMT
server: nginx
etag: "8c0fec-2415-5aed883dcae00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpforms.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 65 KB
16 KB 701ms
692ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/wpforms.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

51ab6f15175a2fa2acba346b9dceb780a93d28c4a7758786fae1223adc865faa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 15837
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212ab-105e5-5cfce52dd9b45-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpforms-captcha.min.js Show response
heg.com.au/wp-content/plugins/wpforms-captcha/assets/js/ 1 KB
978 B 703ms
694ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms-captcha/assets/js/wpforms-captcha.min.js?ver=1.3.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

ac24a69d166e31df6dede20bdae1ce0b5716f77b8e22ad4c35158e345ca21f96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 533
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Jul 2019 00:24:04 GMT
server: nginx
etag: "94138e-522-58edb06a4d100-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpforms-conditional-logic-fields.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/ 18 KB
4 KB 703ms
695ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/wpforms-conditional-logic-fields.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

c8998c826c64dcbd44498e12e1798f1e2bf8f386848413fd5c760e91662f6109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3870
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217d4-4680-5cfce52e01bea-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 choices.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 72 KB
19 KB 707ms
699ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/choices.min.js?ver=9.0.1

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e0277e376e8cf13b997380f87679bf54298b9455a07f78ddeb7ac3346d4585a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 18569
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212e3-12039-5cfce52debc57-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zxcvbn-async.min.js Show response
heg.com.au/wp-includes/js/ 351 B
633 B 716ms
708ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/zxcvbn-async.min.js?ver=1.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Feb 2021 16:45:19 GMT
server: nginx
etag: "8617ca-15f-5bc03a4c745c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
heg.com.au/wp-includes/js/dist/ 5 KB
2 KB 716ms
708ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1717
x-xss-protection: 1; mode=block
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
etag: "8c12aa-1540-5c344ade1c480-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n.min.js Show response
heg.com.au/wp-includes/js/dist/ 10 KB
4 KB 720ms
713ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 3719
x-xss-protection: 1; mode=block
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
etag: "8c12ae-268a-5c344ade1c480-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 password-strength-meter.min.js Show response
heg.com.au/wp-admin/js/ 1 KB
1005 B 721ms
714ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-admin/js/password-strength-meter.min.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 560
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Jan 2021 12:32:03 GMT
server: nginx
etag: "6810b3-463-5b97c601ab6c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 password.min.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/fields/ 1 KB
920 B 722ms
714ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/fields/password.min.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

836178a4180a9601923c9d219fb0ec6b6e0b3d9522b150064737640bd336b389

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 475
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217da-4b6-5cfce52e01bea-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.intl-tel-input.min.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/vendor/ 29 KB
11 KB 722ms
715ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/vendor/jquery.intl-tel-input.min.js?ver=17.0.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

02f25d77f00bc4255fc48330822b7b29fb8d3e67bd7c9cd05ea1ccb63edf559d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 10603
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217be-74fe-5cfce52e01802-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dropzone.min.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/vendor/ 112 KB
35 KB 751ms
744ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/vendor/dropzone.min.js?ver=5.7.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

fc4734a05c8fef24aff435e66dd05ac37e6a6ce3659862c9b8043fa3ebd7d457

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 35688
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217bf-1c06b-5cfce52e01802-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
heg.com.au/wp-includes/js/ 19 KB
7 KB 752ms
745ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 7208
x-xss-protection: 1; mode=block
last-modified: Thu, 27 May 2021 19:33:19 GMT
server: nginx
etag: "8617a5-4a84-5c354d4d5bdc0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-util.min.js Show response
heg.com.au/wp-includes/js/ 1 KB
1 KB 752ms
745ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/wp-util.min.js?ver=5.8.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 647
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
server: nginx
etag: "8617c4-53c-5c59844787880-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpforms-file-upload.min.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/ 7 KB
3 KB 752ms
746ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/wpforms-file-upload.min.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

7ee1295838ff2befb8af0fa3165e19a8bca6cbcad821e869001fd05275d13b29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2373
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217c0-1bba-5cfce52e01802-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 richtext.min.js Show response
heg.com.au/wp-content/plugins/wpforms/pro/assets/js/fields/ 3 KB
2 KB 752ms
746ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/pro/assets/js/fields/richtext.min.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

10f42e27a199460d4d040b7cbff9967d21d186896ce32ccbfe3cc5bb9fd9e8c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1148
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9217d9-c49-5cfce52e01bea-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.validate.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 24 KB
8 KB 753ms
747ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/jquery.validate.min.js?ver=1.19.3

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 7603
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212e8-5f6e-5cfce52dec03f-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 49 KB
14 KB 753ms
747ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/flatpickr.min.js?ver=4.6.9

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

f8a27f5be638d85f05ba0fc14f21101818e356f44d27ae96e3a02b7a66d623bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 13774
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "92129e-c207-5cfce52dd9b45-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.timepicker.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 15 KB
5 KB 753ms
748ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/jquery.timepicker.min.js?ver=1.11.5

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

c89abf70364f007b654195d3b9778c66edb0c88974196d61f1786a0bfe816a3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 4878
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "92129b-3bc1-5cfce52dd975d-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.inputmask.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 141 KB
31 KB 753ms
748ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/jquery.inputmask.min.js?ver=5.0.6

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

122d190c17fb6860750f62345610fa9e636ca5f028a7129fc7205416501b7cb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 31549
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212b3-2325d-5cfce52dd9b45-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mailcheck.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 4 KB
2 KB 754ms
749ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/mailcheck.min.js?ver=1.1.2

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 1616
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212b2-fae-5cfce52dd9b45-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 2 KB
1 KB 754ms
749ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/punycode.min.js?ver=1.0.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 834
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "9212a0-6b1-5cfce52dd9b45-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.payment.min.js Show response
heg.com.au/wp-content/plugins/wpforms/assets/js/ 8 KB
3 KB 754ms
749ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/wpforms/assets/js/jquery.payment.min.js?ver=1.7.0

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

4023e81ca6b32d7263da7ee7222ba1eaac5ad1de6bdf7a3da51341f1fd58bbf4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:42 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 2547
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:32:24 GMT
server: nginx
etag: "92128c-2108-5cfce52dd975d-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 889ms
92ms Script
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

6da33c5f66f3036ad3c27847f51b6d411d61c115d69620f7d709e17498cdf92c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:53:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1007 B 607ms
95ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Acme

Requested by

Host: heg.com.au
URL: https://heg.com.au/wp-content/uploads/pum/pum-site-styles.css?generated=1598601026&ver=1.11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

5e8eb3ac27502f64410d9546683d5681dd75e8bdf2918b0a38e4f99f2d875291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 19:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 17:55:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 19:53:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 1707ms
727ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js?v=next

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

3522b3680f1aa94955baf83b28680741db1b25035367de724101bc5237dc5a36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 19:53:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57343
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: pr4sKi0cKNL2CyGXTbDMAW62Pb5x27z9bK4ryojJDTIFfNDd6nWFejvD6YIgN3HtTReXPMYBSjoPihtBQSbCGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 1927ms
974ms Font
font/woff2 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C70%7COpen+Sans%3A300%2C400%2C600%2C700%7CRoboto%3A400%2C500%2C700%2C900&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 12:05:20 GMT
x-content-type-options: nosniff
age: 287307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 12:05:20 GMT

GET
H2 200 tticons.ttf
heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/fonts/ 345 KB
166 KB 141ms
140ms Font
font/ttf 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/fonts/tticons.ttf?7siik9

Requested by

Host: heg.com.au
URL: https://heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/cesis_icons.css?ver=5.8.9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

a82e6afd8f0b1e63c9c6d73972ce098f7d29c4e67ad4e50e4c60892a5f0db590

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/wp-content/themes/cesis/includes/fonts/cesis_icons/cesis_icons.css?ver=5.8.9
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:45 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 00:46:50 GMT
server: nginx
etag: "961320-564c4-5aed6c979f280-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: max-age=315360000
x-sucuri-id: 18011
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1684ms
732ms Font
font/woff2 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 16:04:58 GMT
x-content-type-options: nosniff
age: 272929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 16:04:58 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 1711ms
759ms Font
font/woff2 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=5.8.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 18:41:51 GMT
x-content-type-options: nosniff
age: 349916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Mar 2025 18:41:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 2091ms
1139ms Font
font/woff2 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:23:01 GMT
x-content-type-options: nosniff
age: 88246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:23:01 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 2067ms
1136ms Font
font/woff2 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C500%7CRoboto+Slab%3A400%7CPoppins%3A700%2C600%7COpen+Sans%3A400&ver=5.8.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:04:12 GMT
x-content-type-options: nosniff
age: 74975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 23:04:12 GMT

GET
H2 200 HEG-Logo-2018-RGB-Horizontal-NoTag.png
heg.com.au/wp-content/uploads/2018/06/ 75 KB
75 KB 427ms
425ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/06/HEG-Logo-2018-RGB-Horizontal-NoTag.png

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

85e8c9ae8023e98d6fc8a394053934056e6e0a01024fbf7f4e5d992d48fd2754

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:45 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 76708
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jul 2018 04:41:59 GMT
server: nginx
etag: "961683-12ba4-57152ccb193c0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-ESLS-AnnouncementBanner.png
heg.com.au/wp-content/uploads/ 199 KB
200 KB 586ms
585ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/HEG-ESLS-AnnouncementBanner.png

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

a3241bf7bfa18641d8311f6f6c3caeaae0efd41e11fa505ef32ff51d61cb2e10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:45 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 203707
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Sep 2022 14:34:04 GMT
server: nginx
etag: "960107-31bbb-5e9956b672e02"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-OneStopShopWheel-scaled.jpg
heg.com.au/wp-content/uploads/ 87 KB
87 KB 2226ms
2226ms Image
image/jpeg 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/HEG-OneStopShopWheel-scaled.jpg

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

7f50c280a30bd191f48f1b66bf8f2fdd8e937e1cc04d3ccf4ff7381591039064

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:45 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 88854
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Apr 2021 12:52:28 GMT
server: nginx
etag: "961a78-15b16-5bf10efda5b00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Adam-in-the-Showroom.jpg
heg.com.au/wp-content/uploads/2018/11/ 150 KB
150 KB 2518ms
2517ms Image
image/jpeg 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/11/Adam-in-the-Showroom.jpg

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

77ee129d5f41b5e4c1736187c4c26356717d8dadf35f215a956dee9e4a31f539

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:45 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 153348
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Nov 2018 14:29:33 GMT
server: nginx
etag: "9619a1-25704-5799b3f554d40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 499 KB
198 KB 1262ms
430ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heg.com.au/
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

GET
H2 200 REVIEW-LOGO-facebook-1-300x136.png
heg.com.au/wp-content/uploads/ 13 KB
13 KB 2354ms
2354ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/REVIEW-LOGO-facebook-1-300x136.png

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

fbce1e2432dd0d876f60edc723e636c42ce1f79b7ed9f078d65ca5e98ab6b463

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:46 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 12924
x-xss-protection: 1; mode=block
last-modified: Fri, 07 May 2021 03:08:44 GMT
server: nginx
etag: "961aeb-327c-5c1b4bedd4700"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Google-Business-Reviews-300x103.png
heg.com.au/wp-content/uploads/ 24 KB
24 KB 2355ms
2354ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/Google-Business-Reviews-300x103.png

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

ba2df982152e2e94860e94748a5c919ec7d7140bde1493f5d711913e692da445

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:46 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 24627
x-xss-protection: 1; mode=block
last-modified: Fri, 07 May 2021 02:38:40 GMT
server: nginx
etag: "961a02-6033-5c1b453566c00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ATS-Diagram.png
heg.com.au/wp-content/uploads/ 52 KB
52 KB 703ms
703ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/ATS-Diagram.png

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

dafa23001bb589587f28b07798feee7192730087ea2e56600855676482f5881c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:47 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 52907
x-xss-protection: 1; mode=block
last-modified: Fri, 07 May 2021 03:44:07 GMT
server: nginx
etag: "9619af-ceab-5c1b53d67afc0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openbridge3.js Show response
connect.facebook.net/signals/plugins/ 241 KB
83 KB 372ms
371ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

ad01a6169968b9eb3656f07362ea95e0eb626a180590a4cb4f3941ff4e6cb36d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 19:53:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 84257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: vnD62gRJ8F3eLMTTh7qkmUsqwRf5q8ybfguK6Q9Q2S0kLjql4d3LdPHnFd2/8SVCXYOhAJp22D+/pDwEo57N3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 623680911969343 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 577ms
577ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/623680911969343?v=next&r=stable&domain=heg.com.au&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

98fc545b191eaa02aec1a8a8542cddd4a3f1a3b34800c4b2f377d8b570be2df0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 19:53:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: uYSEXNyGJw3DuC27eyFT7b2y9ywoFrQzRWcb1ae1Qp5i+/bXHv21Lp9yMnGbZcpgh5x2C2Byl8LPchAKV+Yspw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 27CA 46 KB
29 KB 600ms
599ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=rbr1bifu5ov5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

58b32bcbfc23e69739fbddbea71cdea8abd24513d62665e488e5838d28ccdba6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--In0CPRPRW42BBzY4jcF4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--In0CPRPRW42BBzY4jcF4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F30B 46 KB
29 KB 770ms
769ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=7zcl1kohbfe2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

1806ece3dbeeba25d8c0a20f24f47093a4c7d478aaade276aa5f948817160721

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PLzs3fvp-uJc-5-j5T9kbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PLzs3fvp-uJc-5-j5T9kbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C599 46 KB
29 KB 712ms
711ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=acjj6hng0krh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

b6df633d95b78e35bdf17e128b4ff85d80e5bb5d5665ca6ce4afd3c278cb5951

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Er12Hrix6MUtzViAT6YODA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Er12Hrix6MUtzViAT6YODA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 the_grid.ttf
heg.com.au/wp-content/plugins/the-grid/frontend/assets/fonts/ 33 KB
18 KB 326ms
325ms Font
font/ttf 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-content/plugins/the-grid/frontend/assets/fonts/the_grid.ttf

Requested by

Host: heg.com.au
URL: https://heg.com.au/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

a90132d0c3ec0a1cd36bf50e490740d1562bd1c836573116c5dca932b25c9a52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.5
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:48 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
content-length: 17999
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 13:34:25 GMT
server: nginx
etag: "9219d8-8314-5cfce5a18d612-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
lab.analyticspodium.com/sdk/ Frame 0
0 1516ms
553ms Preflight 52.42.87.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.42.87.42 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-87-42.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://heg.com.au
access-control-max-age: 1800
age: 2247
apigw-requestid: UK-8Rgo5vHcEJhg=
cache-control: no-store
content-length: 0
date: Tue, 05 Mar 2024 19:53:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Self=1-65e76f87-7816b76c73abb5cc15e94251;Root=1-65e76f87-24d0137e12dbb94a7305f4b4
x-cache: HIT
x-cache-hits: 1013
x-content-type-options: nosniff
x-served-by: cache-bfi-krnt7300106-BFI
x-timer: S1709668430.242510,VS0,VE0

GET
H2 200 vardata Show response
lab.analyticspodium.com/sdk/ 5 KB
6 KB 551ms
550ms Fetch
application/json 52.42.87.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.42.87.42 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-87-42.us-west-2.compute.amazonaws.com

Software

Resource Hash

1f11d6c65595eb8e0982d0540d926c00812aafa7c1187b1b60853aea7147f385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
Authorization: Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwiZGV2aWNlX2lkIjoiOThlMjNmODMtN2E4MS00YjUwLTk0YjUtYjhkNjYxZjQ3ODgyIiwidXNlcl9wcm9wZXJ0aWVzIjp7fSwidXNlclByb3BlcnRpZXMiOnsic2NyaXB0VG9rZW4iOiIyYzgxYzdlNi0yOGJlLTRiNzItYjExMC0wZmEyZGM2ODZmMzAifX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 5574
apigw-requestid: UK-8Yj0GvHcEJgg=
x-served-by: cache-bfi-krnt7300081-BFI
x-timer: S1709668431.974824,VS0,VE41
x-amzn-trace-id: Self=1-65e7784e-147e8afa4e70c96231593048;Root=1-65e7784e-231b67e728f871b7618d0227
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://heg.com.au
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 27CA 55 KB
25 KB 485ms
70ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=rbr1bifu5ov5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 27CA 499 KB
198 KB 905ms
491ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com/ 134 B
512 B 245ms
244ms XHR
application/json 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7

Request headers

Accept: application/json
Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 134
x-request-id: F7n2YUg5JA6BEJ1nfoRh

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com/ Frame 0
0 2001ms
321ms Preflight 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
date: Tue, 05 Mar 2024 19:53:50 GMT
server: Cowboy
vary: origin
x-request-id: F7n2YTcs2JDSxUtnfnTx
x-robots-tag: noindex

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame C599 55 KB
24 KB 791ms
490ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame C599 499 KB
198 KB 793ms
492ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame F30B 55 KB
24 KB 328ms
83ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame F30B 499 KB
198 KB 756ms
511ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

POST
H2 200 / Show response
heg.com.au/ 0
425 B 2232ms
2231ms XHR
text/html 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/?ob=open-bridge/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 19:53:51 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-sucuri-id: 18011
content-length: 1
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1341ms
125ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=623680911969343&ev=PageView&dl=https%3A%2F%2Fheg.com.au%2F&rl=&if=false&ts=1709668429332&sw=1600&sh=1200&v=next&r=stable&a=wordpress-5.8.9-3.0.15&ec=0&o=4126&eid=ob3_plugin-set_5e7c922a0264ab646f61b5bc0437b1de38c829d17270676a21b2ad3dbbf1756c&fbp=fb.2.1709668429330.2049431675&ler=empty&cdl=API_unavailable&it=1709668428429&coo=false&rqm=GET

Requested by

Host: heg.com.au
URL: https://heg.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 19:53:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 httpapi
api2.analyticspodium.com/2/ Frame 0
0 1130ms
249ms Preflight 44.236.148.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.236.148.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-148-180.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
apigw-requestid: UK-8Zgp-vHcEPEQ=
content-length: 0
date: Tue, 05 Mar 2024 19:53:51 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.analyticspodium.com/2/ 94 B
365 B 705ms
704ms Fetch
application/json 44.236.148.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.236.148.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-148-180.us-west-2.compute.amazonaws.com

Software

Resource Hash

b161c4720eccc8e8e964e873097f21acc156677550fbe3da133ee8df1467a8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 19:53:51 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Self=1-65e7784f-1726caeb292aa88f63bd6834;Root=1-65e7784f-51d76c730332cff50c0101d2
content-length: 94
apigw-requestid: UK-8eh30vHcEPpg=

GET
H2 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame 27CA 17 KB
7 KB 24ms
24ms Script
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=rbr1bifu5ov5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 00:05:42 GMT

GET
H2 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame C599 17 KB
7 KB 32ms
32ms Script
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=acjj6hng0krh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 00:05:42 GMT

GET
H2 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame F30B 17 KB
7 KB 43ms
43ms Script
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=7zcl1kohbfe2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 00:05:42 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 27CA 105 B
212 B 57ms
57ms Other
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

f3a8ea92eebfe86f66ab498ba194bede2f839a55ea6d02605a47879c98e4e60d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=rbr1bifu5ov5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:53:50 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame C599 105 B
189 B 47ms
46ms Other
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

f3a8ea92eebfe86f66ab498ba194bede2f839a55ea6d02605a47879c98e4e60d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=acjj6hng0krh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:53:50 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame F30B 105 B
189 B 46ms
46ms Other
text/javascript 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

f3a8ea92eebfe86f66ab498ba194bede2f839a55ea6d02605a47879c98e4e60d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA&co=aHR0cHM6Ly9oZWcuY29tLmF1OjQ0Mw..&hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=7zcl1kohbfe2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:53:50 GMT

GET
H2 200 zxcvbn.min.js Show response
heg.com.au/wp-includes/js/ 803 KB
380 KB 123ms
123ms Script
application/javascript 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heg.com.au/wp-includes/js/zxcvbn.min.js

Requested by

Host: heg.com.au
URL: https://heg.com.au/wp-includes/js/zxcvbn-async.min.js?ver=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
content-encoding: br
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
etag: "8617cb-c8bdd-595c52fd2e6c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 18011
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-Heat_pump_sos.png
heg.com.au/wp-content/uploads/2018/06/ 13 KB
13 KB 412ms
409ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/06/HEG-Icon-Heat_pump_sos.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

c6772001816564db480d0311e95e50d540d41d7d3913c6b868e918862e93c218

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 12936
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jul 2018 04:43:05 GMT
server: nginx
etag: "961649-3288-57152d0a0a840"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-LED_lighting.png
heg.com.au/wp-content/uploads/2018/08/ 24 KB
24 KB 430ms
428ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/08/HEG-Icon-LED_lighting.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

fbff052ad0dfe11e2c1da2745d3af3abf9a7f5e7da8d6fae3bbc8022229c8d74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 24405
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Aug 2018 04:49:08 GMT
server: nginx
etag: "961980-5f55-5749fcb995900"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-Ceiling_Insulation.png
heg.com.au/wp-content/uploads/2018/07/ 12 KB
12 KB 486ms
484ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/07/HEG-Icon-Ceiling_Insulation.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

aac6caa2e3be2a152633d422b8b175faa9d96db88e41491d46472e9341c1c021

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 11997
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jul 2018 04:16:35 GMT
server: nginx
etag: "9617e9-2edd-5715271db2ec0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-Underfloor_Insulation.png
heg.com.au/wp-content/uploads/2018/08/ 19 KB
19 KB 508ms
506ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/08/HEG-Icon-Underfloor_Insulation.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

a29034b4148b2d446a6d86859f2388cdef322c9b59dcc2dd7551f421a4a4a6a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 19520
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 02:59:56 GMT
server: nginx
etag: "961994-4c40-572bb78e0c300"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-Window_condensation.png
heg.com.au/wp-content/uploads/2018/06/ 13 KB
14 KB 512ms
511ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/06/HEG-Icon-Window_condensation.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

7e3f166d74f5bc08f8f9794e2f3ee25a9b82ed10cd6dc8f0ebbc83c070011d77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 13680
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jul 2018 04:42:21 GMT
server: nginx
etag: "961672-3570-57152ce014540"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HEG-Icon-Heat_recovery_and_circulation-1.png
heg.com.au/wp-content/uploads/2018/06/ 18 KB
18 KB 517ms
516ms Image
image/png 192.124.249.111
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heg.com.au/wp-content/uploads/2018/06/HEG-Icon-Heat_recovery_and_circulation-1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.111 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10111.sucuri.net

Software

nginx /

Resource Hash

462abd4c801c96ba379c3a0ff3af534278abbd7cd74ba7f9f6e11739a4d6d25b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:50 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300
x-sucuri-cache: HIT
content-length: 18002
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jul 2018 04:40:09 GMT
server: nginx
etag: "961651-4652-57152c6231c40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 18011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame EFEB 7 KB
1 KB 90ms
89ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

7458ffe6ea1c730b4346d506b743d7767f62f8c1619752420bddcee9b55d6e32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0j87nLnraBZdk7a418mmrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0j87nLnraBZdk7a418mmrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 63C8 7 KB
1 KB 106ms
105ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

3f63f47a757b05b32b4597d937f2ca710efae177e7daa5370e3b6de74b83cd81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ebJ6gIPpd19Uph6oArUiLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ebJ6gIPpd19Uph6oArUiLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4757 7 KB
1 KB 101ms
100ms Document
text/html 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

GSE /

Resource Hash

55242ac993d7cd5a0b8116670a90be22d6536fd7115f76295eca297d9f52ece2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ESGUn69Q5LODB5uYaigj9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ESGUn69Q5LODB5uYaigj9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 19:53:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com/ 3 KB
3 KB 629ms
629ms XHR
application/json 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: a2416e9a2992dec9c8992a3a3bb29c2b8d5eaa7ece000db49ae272d76eb70662

Request headers

Accept: application/json
Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 19:53:51 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 2803
x-request-id: F7n2YXEI72a4Y_FlsL5S

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com/ Frame 0
0 344ms
344ms Preflight 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
date: Tue, 05 Mar 2024 19:53:51 GMT
server: Cowboy
vary: origin
x-request-id: F7n2YVplu045dbVH5ZmB
x-robots-tag: noindex

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame EFEB 55 KB
24 KB 442ms
441ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame EFEB 499 KB
198 KB 34ms
33ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 63C8 55 KB
24 KB 789ms
788ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 63C8 499 KB
198 KB 442ms
442ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 4757 55 KB
24 KB 751ms
751ms Stylesheet
text/css 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:53:58 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 4757 499 KB
198 KB 839ms
839ms Script
text/javascript 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdupbQUAAAAAGZynUp2We4OklNuT9Olks0U5BIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202205
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:48:15 GMT

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com/ 38 B
415 B 546ms
546ms XHR
application/json 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept: application/json
Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 19:53:52 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 38
x-request-id: F7n2YaaI2-lG3StVrFZB

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com/ Frame 0
0 268ms
267ms Preflight 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
date: Tue, 05 Mar 2024 19:53:52 GMT
server: Cowboy
vary: origin
x-request-id: F7n2YZifGzQ-lvZlsN2y
x-robots-tag: noindex

GET
H2 200 styles.css
connect.podium.com/ Frame EF54 64 KB
10 KB 252ms
251ms Stylesheet
text/css 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:24:05 GMT
content-encoding: gzip
via: 1.1 e225339d299ad31ad0818dbdb8c65826.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 1787
etag: "c1fa1977d66b8bebcb22901457400a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
content-length: 10003
x-amz-cf-id: U3jNShrngiMYO1ei4TLyhFCwnVWFtfoDDkkxHKDdKKG34ZX7ol6zkQ==

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame EF54 34 KB
34 KB 1545ms
789ms Font
binary/octet-stream 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Referer: https://connect.podium.com/styles.css
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:55 GMT
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
content-length: 34640
x-amz-cf-id: H0AZjoRQdqxqZbcopWCxTeCcvQY4dHXmkxhoehNiz64_z0F61FfLyw==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame EF54 30 KB
30 KB 1555ms
801ms Font
binary/octet-stream 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer: https://connect.podium.com/styles.css
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:55 GMT
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "c28f8beb02447597a13d138680f42e65"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
content-length: 30548
x-amz-cf-id: FdZBfFVst-r8rlzkraQAL97Z4578_AdEov_Ve3YhZiIz1CBO6FOBWw==

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com/ Frame 0
0 253ms
252ms Preflight 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heg.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
date: Tue, 05 Mar 2024 19:53:53 GMT
server: Cowboy
vary: origin
x-request-id: F7n2Yg9iCXZJ5apwKRzB
x-robots-tag: noindex

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com/ 38 B
415 B 509ms
508ms XHR
application/json 44.238.180.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.180.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-180-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept: application/json
Referer: https://heg.com.au/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 19:53:54 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heg.com.au
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 38
x-request-id: F7n2Yh0B0ameg59WGUnC

GET
H2 200 styles.css
connect.podium.com/ Frame 1ABB 64 KB
10 KB 250ms
249ms Stylesheet
text/css 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://heg.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:24:05 GMT
content-encoding: gzip
via: 1.1 e225339d299ad31ad0818dbdb8c65826.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 1789
etag: "c1fa1977d66b8bebcb22901457400a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
content-length: 10003
x-amz-cf-id: krGkMPGBnIFL9gfVAB9Wdbq6SMeEx3dSUmpQlDIHhazUmTEBn3_Irg==

GET avatar.jpeg
avatars.podium.com/3108239/8e58c490-dc40-4099-9ac4-b925e77c7e08/ Frame 1ABB 0
0

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 1ABB 34 KB
34 KB 237ms
236ms Font
binary/octet-stream 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Referer: https://connect.podium.com/styles.css
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:55 GMT
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
content-length: 34640
x-amz-cf-id: 4_SRcIZpUaK_zNWlVzeYKEwe-A8AGjUmLlGlt1AFC7b7EZ356QOSRw==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 1ABB 30 KB
30 KB 424ms
424ms Font
binary/octet-stream 99.86.91.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-48.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer: https://connect.podium.com/styles.css
Origin: https://heg.com.au
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:53:55 GMT
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:23:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "c28f8beb02447597a13d138680f42e65"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
content-length: 30548
x-amz-cf-id: UvxrvEaVP8WrzJfwtOXZBKiCoaaUEjZVj3ihBFF_zuLIYawHWmyDeA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: avatars.podium.com
URL: https://avatars.podium.com/3108239/8e58c490-dc40-4099-9ac4-b925e77c7e08/avatar.jpeg

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heg.com.au/	1970-01-21 04:30:28	Name: _wpfuuid Value: a6c29cdf-e30e-417f-bebc-3a1cd7bfff63
.heg.com.au/	1970-01-21 03:40:04	Name: AMP_MKTG_16a5c84b5b Value: JTdCJTdE
.heg.com.au/	1970-01-21 03:40:04	Name: AMP_16a5c84b5b Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI5OGUyM2Y4My03YTgxLTRiNTAtOTRiNS1iOGQ2NjFmNDc4ODIlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzA5NjY4NDI5MDY3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcwOTY2ODQyOTA4NCU3RA==
.heg.com.au/	1970-01-20 21:04:04	Name: _fbp Value: fb.2.1709668429330.2049431675
heg.com.au/	1969-12-31 23:59:59	Name: PHPSESSID Value: b41c1ca38ab59315d4207faa0bf22f96

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/623680911969343?v=next&r=stable&domain=heg.com.au&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.analyticspodium.com
avatars.podium.com
connect.facebook.net
connect.podium.com
fonts.googleapis.com
fonts.gstatic.com
heg.com.au
lab.analyticspodium.com
mind-flayer.podium.com
sm3.b64.mywebsitetransfer.com
www.facebook.com
www.google.com
www.gstatic.com
avatars.podium.com
142.251.10.95
142.251.175.94
157.240.235.1
157.240.235.35
172.253.118.106
184.168.113.223
192.124.249.111
44.236.148.180
44.238.180.134
52.42.87.42
74.125.130.94
99.86.91.48
0231e6b4b64a14c310f164932251b2dd0bb80940851923e287709b963e814c86
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f25d77f00bc4255fc48330822b7b29fb8d3e67bd7c9cd05ea1ccb63edf559d
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0d5d31daf049b4444184f5a7dab253c49bf1ba86b1ce5e182c0ca99dae382804
0f9ee863dc0f0b7e60c7ecbd8acb70188f1f6995e39dd2015e16cdd26901e2af
10ab8b6f59e29954e4297f493bea24b7c83d6fe409d09a591874d43cd43ba6b2
10f42e27a199460d4d040b7cbff9967d21d186896ce32ccbfe3cc5bb9fd9e8c3
11317e706cc711a66dd03f4e8e1b83f42f6ea2852e9c15e15c9335691fe8e367
122d190c17fb6860750f62345610fa9e636ca5f028a7129fc7205416501b7cb8
148fa343f9798f282a1b31f6f29dbaac940c4df96849404f14602c100fd67a03
1806ece3dbeeba25d8c0a20f24f47093a4c7d478aaade276aa5f948817160721
1b4399ea13ecb6a6617a480b0dbd7f44c1a2a3c5ab35ec20987e1c2bcda956c8
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
1f11d6c65595eb8e0982d0540d926c00812aafa7c1187b1b60853aea7147f385
275901c25e8edc563da3aaebe37e7432d60d69876a1504aeaaaeac549f5f3492
28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7
28936d7d854132e9eeb18487d36db24f00a69579ca68fa8392e971e80198f5bd
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a810f9fce465fc48af5ccbdd146af8d249e8fae8ba9c465005140fca073b1dd
3522b3680f1aa94955baf83b28680741db1b25035367de724101bc5237dc5a36
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85
3ae0c9b0e86a97ded8a6a3da53df7940dffe17ea6247584e0e192ca4ad5a0e39
3c7957bce710a6ea1eea5e23bb5fb148a463d95a91feafca15d73c987661da38
3c96a0133005c8e7885757c4a9726e52e90bd841ec31bb17e22dc283d9ee6628
3cc317602c660405911229b8e6d52effae2c736feec908c77092b30e0c8ba52e
3f63f47a757b05b32b4597d937f2ca710efae177e7daa5370e3b6de74b83cd81
4023e81ca6b32d7263da7ee7222ba1eaac5ad1de6bdf7a3da51341f1fd58bbf4
41dbff04fe2fd324a4b049a6a1f1fa1ae7f7bd1df789b647c8565cd268ac982a
462abd4c801c96ba379c3a0ff3af534278abbd7cd74ba7f9f6e11739a4d6d25b
4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0
5140d086598458faaec671f85f7ceb27414ae23f188888a655af560d5cdc8cc3
51ab6f15175a2fa2acba346b9dceb780a93d28c4a7758786fae1223adc865faa
527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4
55242ac993d7cd5a0b8116670a90be22d6536fd7115f76295eca297d9f52ece2
58b32bcbfc23e69739fbddbea71cdea8abd24513d62665e488e5838d28ccdba6
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5db5f9c12c0f6cddabb29e0ac73f3d3084ede054673bfcf60a7c8295ec66e5de
5e8eb3ac27502f64410d9546683d5681dd75e8bdf2918b0a38e4f99f2d875291
62d9ec7bc6d8d7c262fd378bd7ec9d66f52bb0f8e390004bb023148fa88de65d
64f9e1a96ce82fb49590f8d93fba3911753a562a49259cea76c371202cac5b18
67b54513de64444d6400b8c9553556c608cc15c1429bd37cd1dc75bd2dae6eae
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6aabd5ad1e5c3f49e7e965433d509d402826869bae958ee412eaf3a56240d511
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6da33c5f66f3036ad3c27847f51b6d411d61c115d69620f7d709e17498cdf92c
7458ffe6ea1c730b4346d506b743d7767f62f8c1619752420bddcee9b55d6e32
74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae
77ee129d5f41b5e4c1736187c4c26356717d8dadf35f215a956dee9e4a31f539
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e3f166d74f5bc08f8f9794e2f3ee25a9b82ed10cd6dc8f0ebbc83c070011d77
7ee1295838ff2befb8af0fa3165e19a8bca6cbcad821e869001fd05275d13b29
7f50c280a30bd191f48f1b66bf8f2fdd8e937e1cc04d3ccf4ff7381591039064
80397e47e371a0c58745877e90ecbd4dc00861758b4af63686089b544cf27456
836178a4180a9601923c9d219fb0ec6b6e0b3d9522b150064737640bd336b389
83d597fb0b3e0c151b654d642ead654d7678958d9f7fca855aca1899705eae94
85e8c9ae8023e98d6fc8a394053934056e6e0a01024fbf7f4e5d992d48fd2754
8625b8efb2e7cec893a6d5c5f2854c3033c182ea0961665c810cb10426f03b3b
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
8bd29dc9e61cd8bd7934aa3a807f2e1b6deff63e681fe288978521663291774f
8fe444b84e3551de4addd1260d27117a520b18e0f29b6b10a12ce9e6788e1192
8fea986c7e721c0067b26eb87ebe1e3d6c39cf3ec7a1d5b056023c2a7d6ab885
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
98fc545b191eaa02aec1a8a8542cddd4a3f1a3b34800c4b2f377d8b570be2df0
9932efc62eb44589ec8a1ad3fa7f4a8756534326394d281ee4da14b51f59e871
9dab9e4666c7c0eadfdccf980e551cbe52ea71918ad2760feabd34f4dac3c003
9fcda38a7161e400905981bc70d1c7c3ef1088a7289878d5cba30d7444cc63f1
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
a2416e9a2992dec9c8992a3a3bb29c2b8d5eaa7ece000db49ae272d76eb70662
a29034b4148b2d446a6d86859f2388cdef322c9b59dcc2dd7551f421a4a4a6a1
a3241bf7bfa18641d8311f6f6c3caeaae0efd41e11fa505ef32ff51d61cb2e10
a82e6afd8f0b1e63c9c6d73972ce098f7d29c4e67ad4e50e4c60892a5f0db590
a90132d0c3ec0a1cd36bf50e490740d1562bd1c836573116c5dca932b25c9a52
aac6caa2e3be2a152633d422b8b175faa9d96db88e41491d46472e9341c1c021
ab53772279b1ec3b386a24792d1d667ec42e9a20623ab2baabf72e351270b806
ac24a69d166e31df6dede20bdae1ce0b5716f77b8e22ad4c35158e345ca21f96
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
ad01a6169968b9eb3656f07362ea95e0eb626a180590a4cb4f3941ff4e6cb36d
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0
ae346c6f8eaa5ebf96ee03e8ed58f9c2dc6d1c36148f7aa3690e21998e578e4a
b161c4720eccc8e8e964e873097f21acc156677550fbe3da133ee8df1467a8cb
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
b2ce006758cfb4f12f996d3acec455289405d24aa4891027554b5b544b585e05
b6df633d95b78e35bdf17e128b4ff85d80e5bb5d5665ca6ce4afd3c278cb5951
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba2df982152e2e94860e94748a5c919ec7d7140bde1493f5d711913e692da445
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c6772001816564db480d0311e95e50d540d41d7d3913c6b868e918862e93c218
c8998c826c64dcbd44498e12e1798f1e2bf8f386848413fd5c760e91662f6109
c89abf70364f007b654195d3b9778c66edb0c88974196d61f1786a0bfe816a3b
cb450f20183b467cf163e0283c7eb98c99c4fd63f49bf195b25a8f94f27a4f0b
cda361d0682960cd942e17e52b286687a44a9eddd0a29ea5ad25bdc2e32f4873
d09b448804842c6236c199c2fba8f38f7be0a8c5a75f38f234631428b5f35ee3
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d91a519e6b7a22437317cc5c88597d4da75f97adc091e87b1515bab4576314c3
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b
dafa23001bb589587f28b07798feee7192730087ea2e56600855676482f5881c
dcec1bb908e57713b4739dc0e93cdb10620daa8075b64d67f0ca086f6184594b
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
de548a8d4e7ca7f4e8c2f5511a22ce62d48685dcb3585fc41648deaaf5a3defc
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0277e376e8cf13b997380f87679bf54298b9455a07f78ddeb7ac3346d4585a0
e03e8c980759f7a1f77046a8d9f09a918c1e8e8fc68914b6f2beff3e34a45066
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c
eb3df5f63983457802eacc40f7200cfd91424876308c5a4fde148953b22b61f4
ef4743b35a4bd292ce1e70438c1fcb41fd34618ad058c3d2b50980a3b5ed3a36
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
f3a8ea92eebfe86f66ab498ba194bede2f839a55ea6d02605a47879c98e4e60d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8a27f5be638d85f05ba0fc14f21101818e356f44d27ae96e3a02b7a66d623bf
fbce1e2432dd0d876f60edc723e636c42ce1f79b7ed9f078d65ca5e98ab6b463
fbff052ad0dfe11e2c1da2745d3af3abf9a7f5e7da8d6fae3bbc8022229c8d74
fc4734a05c8fef24aff435e66dd05ac37e6a6ce3659862c9b8043fa3ebd7d457
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac
fef6d1fd3fe4b01f07b669cbd32fbf0eeb611bbd8df226e0ea303ad4aa1fa961

heg.com.au Open in urlscan Pro 192.124.249.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

98 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

12 IPs

2 Countries

4252 kBTransfer

11020 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heg.com.au Open in urlscan Pro
192.124.249.111 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

4252 kB
Transfer

11020 kB
Size

5
Cookies

158 HTTP transactions
-1 data transactions