urlscan.io logo urlscan.io
SecurityTrails logo

u1strealty.com.au Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
URL: https://u1strealty.com.au/login.php
Submission Tags: krdtest
Submission: On May 14 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is u1strealty.com.au.
TLS certificate: Issued by R3 on April 6th 2021. Valid for: 3 months.
This is the only time u1strealty.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.202.21.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com
u1strealty.com.au
2    34.107.203.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
embed.lpcontent.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
js.center.io
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    35.192.151.63 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
Domain Requested by
11 lh3.googleusercontent.com u1strealty.com.au
5 fonts.gstatic.com fonts.googleapis.com
4 api.leadpages.io js.center.io
embed.lpcontent.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
u1strealty.com.au
2 js.center.io u1strealty.com.au
js.center.io
1 embed.lpcontent.net u1strealty.com.au
1 www.googletagmanager.com u1strealty.com.au
1 fonts.googleapis.com u1strealty.com.au
1 static.leadpages.net u1strealty.com.au
1 u1strealty.com.au
30 10
Subject Issuer Validity Valid
u1strealty.com.au
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2021-05-13 -
2021-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
embed.lpcontent.net
GTS CA 1D4		 2021-05-13 -
2021-08-11		 3 months crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2		 2020-01-21 -
2022-01-21		 2 years crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2		 2019-11-12 -
2021-11-12		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://u1strealty.com.au/login.php
Frame ID: 4954A9F4E9B65D7C6502163AB49EFDE4
Requests: 29 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 87F60C4A7F1871D904FA0F4F03C35A5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

30
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

743 kB
Transfer

1097 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
u1strealty.com.au/ 		188 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
d95128b65ef31114559d17f90f2b69b620196c6795dfdc87c64f4862f10be71c

Request headers

:method
GET
:authority
u1strealty.com.au
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Tue, 11 May 2021 22:28:26 GMT
etag
W/"1f076ab30643ec9bf1c7a4a0a26c04bb"
x-cache
MISS, MISS
cache-control
no-cache
server
Leadpages
content-encoding
br
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 19:24:37 GMT
content-encoding
gzip
server
Google Frontend
age
89429
etag
"WBcxNA"
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
f45f053e79a4e4f987bd88261ce112c9
cache-control
public, max-age=31536000
alt-svc
clear
content-length
14628
via
1.1 google
expires
Fri, 13 May 2022 19:24:37 GMT
css
fonts.googleapis.com/ 		48 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc323a6b35c0d7321474636d1e60f1f3241adc0c0c5495d1b4978d64b2457c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 May 2021 20:15:06 GMT
server
ESF
date
Fri, 14 May 2021 20:15:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 May 2021 20:15:06 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-103832271-3
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89e5202432f1d848d6a2caf3597d01d77997ea890bcb3e89e1efa273ede75db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35707
x-xss-protection
0
last-modified
Fri, 14 May 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 May 2021 20:15:06 GMT
3bloggQrb1N4YJEA-JbuyrCGSq4f9t4De4M4S00SmpfGIpDh-WYF5SP-SgPT-aPJu8_M4FC0mOmrJpXmVKOB=w254
lh3.googleusercontent.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/3bloggQrb1N4YJEA-JbuyrCGSq4f9t4De4M4S00SmpfGIpDh-WYF5SP-SgPT-aPJu8_M4FC0mOmrJpXmVKOB=w254
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cad60c7ee0cf7b405325e71de9068e4bd8b536d32a5fbedecb9000be4a473c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7201
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
feaYF855FP17J8UuRq5MaZ5-cQ5W4c7KTqcAKqwyFgk0so_abzzRXBMmf01SpTb5vk3ahRJ7fTTsosw-4tnw8w=w16
lh3.googleusercontent.com/ 		448 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/feaYF855FP17J8UuRq5MaZ5-cQ5W4c7KTqcAKqwyFgk0so_abzzRXBMmf01SpTb5vk3ahRJ7fTTsosw-4tnw8w=w16
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd306b97b82baa6c01d2c1bbf5cf5c3715ed6ed123dbadf0cefe58f49b8fc84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
448
x-xss-protection
0
expires
Sat, 15 May 2021 20:15:06 GMT
kSjiF5efia7zfkv0jSqzeohdqhjmXeA3JcqdPkVjge6jUComGl5l6bKqW9Ds8puub_t2TwucdiSaYG4RfSpNCw=w16
lh3.googleusercontent.com/ 		379 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/kSjiF5efia7zfkv0jSqzeohdqhjmXeA3JcqdPkVjge6jUComGl5l6bKqW9Ds8puub_t2TwucdiSaYG4RfSpNCw=w16
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
807eef9bbf817465cc036e6b92646611d89164ef894f97a01f88c5ae5f817957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
dVhLO-2sTAWVbxE4aHOkdg0dgn9knoFm2rZe85N5p3plOgaPH1wz-OOtaZ1pszU0VYLATexjrtesk0fqIFEX-ng=w16
lh3.googleusercontent.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/dVhLO-2sTAWVbxE4aHOkdg0dgn9knoFm2rZe85N5p3plOgaPH1wz-OOtaZ1pszU0VYLATexjrtesk0fqIFEX-ng=w16
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
23d5bc619f70e95156622f3c87d1c39b6ea89b2112dc557e95a1dd244ca2d001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3105
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
embed.js
embed.lpcontent.net/leadboxes/current/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
eab4d4ad96371fd11c5204825006ff6cb5e87e04e089c15eeb59059766424ef1

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:11:43 GMT
content-encoding
gzip
server
Google Frontend
age
203
etag
"WBcxNA"
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
d557124f2493bb8b419a59e4a51b9663
cache-control
public, max-age=300
alt-svc
clear
content-length
14834
via
1.1 google
expires
Fri, 14 May 2021 20:16:43 GMT
center.js
js.center.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:12:40 GMT
content-encoding
gzip
server
Google Frontend
age
146
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
20e5b8390713fe15cf23ae79b7d897c5
cache-control
public, max-age=300
content-length
5417
expires
Fri, 14 May 2021 20:17:40 GMT
fXzN6AJFCi2wNvmEJMiuQJPhaBh1nI37GvtTjUtIbe5NlYYZnNIH0Ai_N5vATPchjuhdRg0w4j0c5KQhNiD1zQ=w16
lh3.googleusercontent.com/ 		342 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/fXzN6AJFCi2wNvmEJMiuQJPhaBh1nI37GvtTjUtIbe5NlYYZnNIH0Ai_N5vATPchjuhdRg0w4j0c5KQhNiD1zQ=w16
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0f85ec05fea2fd63867fff721132841e97dab1a2bd7fbcf7e3c734a90ffeb771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 10 May 2021 10:51:11 GMT
NF12cM2krYKqNqGwQiIYTz9zFgHhVpeZrlJld7Lj__a2cW5vPJMv3jq8KvWLp9bWNrYy9eP72OeIqlat9HBnvmE=w16
lh3.googleusercontent.com/ 		395 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/NF12cM2krYKqNqGwQiIYTz9zFgHhVpeZrlJld7Lj__a2cW5vPJMv3jq8KvWLp9bWNrYy9eP72OeIqlat9HBnvmE=w16
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
99c9a17532934787dee30cbe8cc710437cac8ac90fc70c37daa5e14c402b271a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
395
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u1strealty.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
489816
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 09 May 2022 04:11:30 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u1strealty.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 23:35:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
333593
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Tue, 10 May 2022 23:35:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u1strealty.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
103177
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u1strealty.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
153094
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Poppins:300,400,500,700|Montserrat:300,400,500,700|PT+Sans:300,400,500,700|Alegreya:300,400,500,700|Handlee:300,400,500,700|Crimson+Text:300,400,500,700|Lato:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u1strealty.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 22:46:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
77306
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Fri, 13 May 2022 22:46:40 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103832271-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6494
date
Fri, 14 May 2021 18:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 14 May 2021 20:26:52 GMT
fXzN6AJFCi2wNvmEJMiuQJPhaBh1nI37GvtTjUtIbe5NlYYZnNIH0Ai_N5vATPchjuhdRg0w4j0c5KQhNiD1zQ=w1600
lh3.googleusercontent.com/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/fXzN6AJFCi2wNvmEJMiuQJPhaBh1nI37GvtTjUtIbe5NlYYZnNIH0Ai_N5vATPchjuhdRg0w4j0c5KQhNiD1zQ=w1600
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb4ac9f037b739c19a2d03a2d9fe36e52204f10e6231a5a350810bd73216a086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56521
x-xss-protection
0
expires
Sat, 15 May 2021 20:15:06 GMT
NF12cM2krYKqNqGwQiIYTz9zFgHhVpeZrlJld7Lj__a2cW5vPJMv3jq8KvWLp9bWNrYy9eP72OeIqlat9HBnvmE=w1600
lh3.googleusercontent.com/ 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/NF12cM2krYKqNqGwQiIYTz9zFgHhVpeZrlJld7Lj__a2cW5vPJMv3jq8KvWLp9bWNrYy9eP72OeIqlat9HBnvmE=w1600
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5c780338a282f06925330affe998f5b5413fc1833719aee4b8c73c3958377ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257204
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
identify.html
js.center.io/ Frame 87F6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://u1strealty.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://u1strealty.com.au/

Response headers

date
Fri, 14 May 2021 20:14:00 GMT
expires
Fri, 14 May 2021 20:19:00 GMT
etag
"OMWYXg"
x-cloud-trace-context
4b434113f5d1c0b9866474c4f8612949
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
2016
age
66
cache-control
public, max-age=300
kSjiF5efia7zfkv0jSqzeohdqhjmXeA3JcqdPkVjge6jUComGl5l6bKqW9Ds8puub_t2TwucdiSaYG4RfSpNCw=w275
lh3.googleusercontent.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/kSjiF5efia7zfkv0jSqzeohdqhjmXeA3JcqdPkVjge6jUComGl5l6bKqW9Ds8puub_t2TwucdiSaYG4RfSpNCw=w275
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e0a84b30d184930a1836b7615f6a5f5b5233dccd87a79238389f1d8ea0ca2754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
expires
Sat, 15 May 2021 20:15:06 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=602339976&t=pageview&_s=1&dl=https%3A%2F%2Fu1strealty.com.au%2Flogin.php&ul=en-us&de=UTF-8&dt=U1st%20Realty%20-%20Brand%20New%20Homes%2C%20Buyers%20Agents%2C%20Sellers%20Agents%2C%20Home%20Loans.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=831708385&gjid=47345697&cid=156360729.1621023306&tid=UA-103832271-3&_gid=1860689342.1621023306&_r=1&gtm=2ou5c1&z=1285211097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://u1strealty.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=602339976&t=pageview&_s=2&dl=https%3A%2F%2Fu1strealty.com.au%2Flogin.php&ul=en-us&de=UTF-8&dt=U1st%20Realty%20-%20Brand%20New%20Homes%2C%20Buyers%20Agents%2C%20Sellers%20Agents%2C%20Home%20Loans.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=156360729.1621023306&tid=UA-103832271-3&_gid=1860689342.1621023306&gtm=2ou5c1&z=1312683459
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 May 2021 10:09:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36328
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=site&l=hoWXbtCcVa4PoSgPpR2fLh%3A48d1c6b1-4e41-7d2f-e30f-1ef4949933ff&v=&e=&st=&lc=en-US&pid=3cjXrsVtCgdtJzNQdH6mka&uid=4YWHaWRnhVgRj3s5qSDJ5t&sid=WRsLnV5wVvBpcscD6KGQYU&cid=site-hoWXbtCcVa4PoSgPpR2fLh%3A48d1c6b1-4e41-7d2f-e30f-1ef4949933ff&uri=https%3A%2F%2Fu1strealty.com.au%2Flogin.php&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 14 May 2021 20:15:06 GMT
Server
Stargate
access-control-max-age
600
X-Forwarded-For
159.48.55.5
Content-Type
image/gif
access-control-allow-origin
https://u1strealty.com.au
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
x-request-id
048jc12rb073431t5h50
dVhLO-2sTAWVbxE4aHOkdg0dgn9knoFm2rZe85N5p3plOgaPH1wz-OOtaZ1pszU0VYLATexjrtesk0fqIFEX-ng=w200
lh3.googleusercontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/dVhLO-2sTAWVbxE4aHOkdg0dgn9knoFm2rZe85N5p3plOgaPH1wz-OOtaZ1pszU0VYLATexjrtesk0fqIFEX-ng=w200
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ff58e938f82e767b4ba11ce695c16a373c1a89b0bf16b0f7f87890ce24e26caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20327
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 10:34:56 GMT
feaYF855FP17J8UuRq5MaZ5-cQ5W4c7KTqcAKqwyFgk0so_abzzRXBMmf01SpTb5vk3ahRJ7fTTsosw-4tnw8w=w990
lh3.googleusercontent.com/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/feaYF855FP17J8UuRq5MaZ5-cQ5W4c7KTqcAKqwyFgk0so_abzzRXBMmf01SpTb5vk3ahRJ7fTTsosw-4tnw8w=w990
Requested by
Host: u1strealty.com.au
URL: https://u1strealty.com.au/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
42f2d444516dfd5ad491e12c18c5261ef397f053ba78089c1ac40c98a64cba95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 20:15:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
185891
x-xss-protection
0
expires
Sat, 15 May 2021 20:15:06 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.1&correlateBy=AKLb7aY9K3cFJWBWgk7XQs&kind=timer&label=lb_embed_embed_script_load&value=131.62000104784966
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 14 May 2021 20:15:07 GMT
Server
Stargate
access-control-max-age
600
X-Forwarded-For
159.48.55.5
Content-Type
image/gif
access-control-allow-origin
https://u1strealty.com.au
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
x-request-id
048k1qmf1kjnmi86pr90
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=1,235,435,672,9,675,839,840,1457,1457
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 14 May 2021 20:15:07 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
159.48.55.5
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
048jc15e4slmdioa68j0
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=rimkSwSrj4xfEZPsnhokaa&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=36.51000000536442,34.76500138640404,1,366.03499948978424
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://u1strealty.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 14 May 2021 20:15:10 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
159.48.55.5
Content-Type
image/gif
access-control-allow-origin
https://u1strealty.com.au
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
048jc233ptvos3791eug

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| LeadPagesCenterObject function| center function| gtag object| dataLayer object| google_tag_manager object| sup function| _typeof object| LPSite function| navigateToRoute function| createPopper function| ownKeys function| _objectSpread function| _defineProperty function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| LPLeadboxesDispatched object| LPLeadboxes object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.u1strealty.com.au/ Name: _gat_gtag_UA_103832271_3
Value: 1
.u1strealty.com.au/ Name: _gid
Value: GA1.3.1860689342.1621023306
.u1strealty.com.au/ Name: _ga
Value: GA1.3.156360729.1621023306

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
static.leadpages.net
u1strealty.com.au
www.google-analytics.com
www.googletagmanager.com
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2013
34.107.203.240
35.192.151.63
35.202.21.90
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0f85ec05fea2fd63867fff721132841e97dab1a2bd7fbcf7e3c734a90ffeb771
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
23d5bc619f70e95156622f3c87d1c39b6ea89b2112dc557e95a1dd244ca2d001
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
42f2d444516dfd5ad491e12c18c5261ef397f053ba78089c1ac40c98a64cba95
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5c780338a282f06925330affe998f5b5413fc1833719aee4b8c73c3958377ce4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
807eef9bbf817465cc036e6b92646611d89164ef894f97a01f88c5ae5f817957
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89e5202432f1d848d6a2caf3597d01d77997ea890bcb3e89e1efa273ede75db6
99c9a17532934787dee30cbe8cc710437cac8ac90fc70c37daa5e14c402b271a
bd306b97b82baa6c01d2c1bbf5cf5c3715ed6ed123dbadf0cefe58f49b8fc84b
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cad60c7ee0cf7b405325e71de9068e4bd8b536d32a5fbedecb9000be4a473c9e
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d95128b65ef31114559d17f90f2b69b620196c6795dfdc87c64f4862f10be71c
e0a84b30d184930a1836b7615f6a5f5b5233dccd87a79238389f1d8ea0ca2754
eab4d4ad96371fd11c5204825006ff6cb5e87e04e089c15eeb59059766424ef1
fb4ac9f037b739c19a2d03a2d9fe36e52204f10e6231a5a350810bd73216a086
fc323a6b35c0d7321474636d1e60f1f3241adc0c0c5495d1b4978d64b2457c37
ff58e938f82e767b4ba11ce695c16a373c1a89b0bf16b0f7f87890ce24e26caf