prod-login.hastingsdeering.com.au Open in urlscan Pro
2606:4700::6810:a116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.onelink.to/hd360
Effective URL:
https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFm...
Submission: On October 11 via manual (October 11th 2023, 1:00:34 am UTC) from AU — Scanned from NL

Summary HTTP 94 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 18 domains to perform 94 HTTP transactions. The main IP is 2606:4700::6810:a116, located in United States and belongs to CLOUDFLARENET, US. The main domain is prod-login.hastingsdeering.com.au.
TLS certificate: Issued by E1 on August 26th 2023. Valid for: 3 months.

This is the only time prod-login.hastingsdeering.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	188.166.100.175 188.166.100.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	178.128.140.200 178.128.140.200	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9 28	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
2	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6810:a116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:20e... 2600:9000:20eb:1a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.48.140.7 52.48.140.7	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:b200:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	18.200.156.125 18.200.156.125	16509 (AMAZON-02) (AMAZON-02)
94	28

6 188.166.100.175 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.onelink.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.140.200 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

onelink.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 199.36.158.100 (United States) 9 redirects

ASN54113 (FASTLY, US)

hd360.hastingsdeering.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.hastingsdeering.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a116 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prod-login.hastingsdeering.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:1a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.140.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-140-7.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hd360support.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b200:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.156.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-156-125.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	hastingsdeering.com.au 10 redirects hd360.hastingsdeering.com.au prod-login.hastingsdeering.com.au connect.hastingsdeering.com.au	1 MB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 maps.googleapis.com — Cisco Umbrella Rank: 418 firebase.googleapis.com — Cisco Umbrella Rank: 4176 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 536 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 423	65 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2397 ekr.zdassets.com — Cisco Umbrella Rank: 2723	552 KB
7	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 www.linkedin.com — Cisco Umbrella Rank: 708 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	6 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	585 KB
7	onelink.to 2 redirects www.onelink.to onelink.to — Cisco Umbrella Rank: 135093	320 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714	331 B
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	121 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	178 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	18 KB
3	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7121 metrics.hotjar.io — Cisco Umbrella Rank: 10296	391 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	89 KB
2	zendesk.com hd360support.zendesk.com	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	239 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230	728 B
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7991	49 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8860	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	263 B
94	18

	Domain	Requested by
19	hd360.hastingsdeering.com.au	www.onelink.to hd360.hastingsdeering.com.au prod-login.hastingsdeering.com.au
9	connect.hastingsdeering.com.au	9 redirects
7	www.googletagmanager.com	www.onelink.to hd360.hastingsdeering.com.au www.googletagmanager.com prod-login.hastingsdeering.com.au www.gstatic.com
6	static.zdassets.com	hd360.hastingsdeering.com.au static.zdassets.com prod-login.hastingsdeering.com.au
6	www.onelink.to	1 redirects www.onelink.to
5	region1.analytics.google.com	www.googletagmanager.com
4	firebaseinstallations.googleapis.com	hd360.hastingsdeering.com.au www.gstatic.com
4	px.ads.linkedin.com	4 redirects
4	firebase.googleapis.com	hd360.hastingsdeering.com.au www.gstatic.com
4	connect.facebook.net	www.onelink.to connect.facebook.net
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
3	script.hotjar.com	static.hotjar.com script.hotjar.com
2	www.gstatic.com	prod-login.hastingsdeering.com.au
2	hd360support.zendesk.com	static.zdassets.com
2	firebaseremoteconfig.googleapis.com	hd360.hastingsdeering.com.au
2	content.hotjar.io	hd360.hastingsdeering.com.au script.hotjar.com
2	www.facebook.com	prod-login.hastingsdeering.com.au
2	ekr.zdassets.com	static.zdassets.com
2	px4.ads.linkedin.com	prod-login.hastingsdeering.com.au
2	cdn.linkedin.oribi.io	hd360.hastingsdeering.com.au snap.licdn.com
2	prod-login.hastingsdeering.com.au	1 redirects hd360.hastingsdeering.com.au
2	maps.googleapis.com	hd360.hastingsdeering.com.au
2	static.hotjar.com	www.googletagmanager.com
2	fonts.googleapis.com	www.onelink.to prod-login.hastingsdeering.com.au
1	metrics.hotjar.io	static.hotjar.com
1	cdn.auth0.com	prod-login.hastingsdeering.com.au
1	www.google.nl
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	onelink.to	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
94	31

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.hastingsdeering.com.au

Subject Issuer	Validity	Valid
onelink.to R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cat-sso.hastingsdeering.com.au GTS CA 1D4	`2023-08-18` - `2023-11-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2023-10-10` - `2024-10-09`	a year	crt.sh
prod-login.hastingsdeering.com.au E1	`2023-08-26` - `2023-11-24`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
hd360support.zendesk.com Cloudflare Inc ECC CA-3	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9
Frame ID: 69BF35C33782C324C0D72379AA32ADFD
Requests: 83 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/snippet.js
Frame ID: 5CE28F1DCBFAFB82C2672E64B7335DEE
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: 26D13C4872826D9A4F482C8647FEC006
Requests: 4 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: D233ED8E7C638E0451B1818F49EDD46E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LOG IN

Page URL History Show full URLs

http://www.onelink.to/hd360 HTTP 301
https://www.onelink.to/hd360 Page URL
https://onelink.to/hd360 HTTP 307
https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Webs... Page URL
https://prod-login.hastingsdeering.com.au/authorize?audience=https%3A%2F%2Fuplatform-api-prod.web.app&client_id=vkRa0S... HTTP 302
https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3Rp... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Auth0 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

94
Requests

83 %
HTTPS

62 %
IPv6

18
Domains

31
Subdomains

28
IPs

6
Countries

3140 kB
Transfer

9950 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/hd360/id6443837390

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hastingsdeering.connect

Search URL Search Domain Scan URL

URL: https://www.hastingsdeering.com.au/digital-platform/terms-and-conditions
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://www.hastingsdeering.com.au/legal/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.onelink.to/hd360 HTTP 301
https://www.onelink.to/hd360 Page URL
https://onelink.to/hd360 HTTP 307
https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button Page URL
https://prod-login.hastingsdeering.com.au/authorize?audience=https%3A%2F%2Fuplatform-api-prod.web.app&client_id=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&state=RHhLeVcya2JhNTBiLVh6RlZESE1RRC5GYkJDcTc1OTVjRm5QZFFrTXZFVQ%3D%3D&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9 HTTP 302
https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.onelink.to/hd360 HTTP 301
https://www.onelink.to/hd360

Request Chain 8

https://onelink.to/hd360 HTTP 307
https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37867%26time%3D1696986025565%26url%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%252Flogout%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true&e_ipv6=AQI7otPBa9mZngAAAYscP9BD8QwIBqsQu1LxrR1HTAcVRPVsS1fxZCozfSJJf0B9M5uOpSEC5UWqCAamO9w

Request Chain 56

https://connect.hastingsdeering.com.au/assets/auth/logo.svg HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/logo.svg

Request Chain 57

https://connect.hastingsdeering.com.au/assets/icons/svg/logo360.svg HTTP 301
https://hd360.hastingsdeering.com.au/assets/icons/svg/logo360.svg

Request Chain 58

https://connect.hastingsdeering.com.au/assets/auth/hd360-get-connected.png HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/hd360-get-connected.png

Request Chain 59

https://connect.hastingsdeering.com.au/assets/auth/app-store.png HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

Request Chain 60

https://connect.hastingsdeering.com.au/assets/auth/google-play.png HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

Request Chain 65

https://connect.hastingsdeering.com.au/assets/auth/app-store.png HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

Request Chain 66

https://connect.hastingsdeering.com.au/assets/auth/google-play.png HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

Request Chain 67

https://connect.hastingsdeering.com.au/assets/auth/login-background.svg HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/login-background.svg

Request Chain 83

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&e_ipv6=AQISBA8aLA8tagAAAYscP9qA5zIOuDGjVI-8Yg_qoHzPRFrVm3wcH1WnXi_lvWUNy3JL9WT3JQ4sOV_qpw4

Request Chain 90

https://connect.hastingsdeering.com.au/assets/auth/check.svg HTTP 301
https://hd360.hastingsdeering.com.au/assets/auth/check.svg

94 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

hd360 Show response
www.onelink.to/
Redirect Chain

http://www.onelink.to/hd360
https://www.onelink.to/hd360

7 KB
3 KB

47ms
14ms

Document
text/html

188.166.100.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onelink.to/hd360

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

188.166.100.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4441fa6c7ddd3321da05ea38937202c7e1a7fe41a2941653ccb25f5eef70675e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 11 Oct 2023 01:00:24 GMT
ETag: W/"6411bd49-1a0b"
Last-Modified: Wed, 15 Mar 2023 12:42:49 GMT
Referrer-Policy: origin
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Wed, 11 Oct 2023 01:00:24 GMT
Location: https://www.onelink.to/hd360
Server: nginx/1.21.4

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/hd360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 01:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 00:19:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 01:00:24 GMT

GET
H/1.1 200
OK main.d7eaf000.js Show response
www.onelink.to/static/js/ 842 KB
262 KB 19ms
18ms Script
application/javascript 188.166.100.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onelink.to/static/js/main.d7eaf000.js
Requested by: Host: www.onelink.to
URL: https://www.onelink.to/hd360
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.100.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ebd7e909ee5185ff09b0ec454737557affd80c247284086e00556c486813b66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 01:00:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 12:42:47 GMT
Server: nginx
ETag: W/"6411bd47-d2859"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Tue, 09 Jan 2024 01:00:24 GMT

GET
H/1.1 200
OK main.7a5c201d.css
www.onelink.to/static/css/ 12 KB
3 KB 40ms
13ms Stylesheet
text/css 188.166.100.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onelink.to/static/css/main.7a5c201d.css
Requested by: Host: www.onelink.to
URL: https://www.onelink.to/hd360
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.100.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 36eea9b6d4a61b4dbf91cbad4c0de46203b7f38a0edc1bfcf44f0a2719a02dde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 01:00:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 12:42:47 GMT
Server: nginx
ETag: W/"6411bd47-2f74"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Tue, 09 Jan 2024 01:00:24 GMT

GET
H/1.1 200
OK onelinkto_logo.8beebcae9cee551c6ce3.png
www.onelink.to/static/media/ 6 KB
7 KB 40ms
13ms Image
image/png 188.166.100.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onelink.to/static/media/onelinkto_logo.8beebcae9cee551c6ce3.png
Requested by: Host: www.onelink.to
URL: https://www.onelink.to/hd360
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.100.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6235c7477bcd9b2e42e2ccdd72ba0d9a5d42d6e741c344c729016d8a5619aa86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 01:00:24 GMT
Last-Modified: Wed, 15 Mar 2023 12:42:47 GMT
Server: nginx
ETag: "6411bd47-19e8"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6632
Expires: Tue, 09 Jan 2024 01:00:24 GMT

GET
H/1.1 200
OK onelinkto.c97859dd2b265d6882bb3c08d8c5523a.svg
www.onelink.to/static/media/ 65 KB
45 KB 44ms
15ms Image
image/svg+xml 188.166.100.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onelink.to/static/media/onelinkto.c97859dd2b265d6882bb3c08d8c5523a.svg

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/hd360

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

188.166.100.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

80bcc63b8c70c42945245eaab0cabca7e81242dcde808eb81d5d68cd729f784d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 01:00:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: origin
Last-Modified: Wed, 15 Mar 2023 12:42:47 GMT
Server: nginx
Content-Encoding: gzip
ETag: W/"6411bd47-10272"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 js
www.googletagmanager.com/gtag/ 221 KB
79 KB 82ms
34ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4BBB0HXQSM

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/hd360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onelink.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 01:00:24 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onelink.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:49 GMT
x-content-type-options: nosniff
age: 456035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:19:49 GMT

GET
H2

200

home Show response
hd360.hastingsdeering.com.au/
Redirect Chain

https://onelink.to/hd360
https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button

5 KB
2 KB

190ms
14ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/static/js/main.d7eaf000.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

208fcab4624fb48bfd85faa4d1fb516d9ed825d2428a4cfd062d259addd8fca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.onelink.to/hd360
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 1618
content-type: text/html; charset=utf-8
date: Wed, 11 Oct 2023 01:00:25 GMT
etag: "daebdb82086e29f0e233186503ad4e89cceb25c0c0d44c173d70104d11a75971-br"
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-ams21059-AMS
x-timer: S1696986025.198465,VS0,VE1

Redirect headers

content-length: 0
date: Wed, 11 Oct 2023 01:00:25 GMT
location: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
server: nginx

GET
H2 200 runtime.7942ade2d6ac913f.js Show response
hd360.hastingsdeering.com.au/ 3 KB
2 KB 15ms
14ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/runtime.7942ade2d6ac913f.js

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4dabd7461d558ac33c6d9caa57b0c4e029ec2e18f267355368d3f3a65d7b4e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
Origin: https://hd360.hastingsdeering.com.au
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21059-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.215737,VS0,VE1
etag: "d2fd1265c4f0d644bfc24222a88d083eec997b900a48101418b9659c3bff1e7e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1532
x-cache-hits: 1

GET
H2 200 polyfills.c7c1c1bf01cbb7de.js Show response
hd360.hastingsdeering.com.au/ 34 KB
11 KB 16ms
15ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aa691c09dd263714d2aaf43d786f84b36349cfc177bd841893b816952f944127

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
Origin: https://hd360.hastingsdeering.com.au
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21059-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.216077,VS0,VE1
etag: "c26c0909390c7a41003de0e184b6c6a3e26b6b2206168b6897b31f78de73101e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11199
x-cache-hits: 1

GET
H3 200 scripts.e6af0b0dacb73d10.js Show response
hd360.hastingsdeering.com.au/ 39 KB
14 KB 19ms
16ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/scripts.e6af0b0dacb73d10.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e748328f8b532ce7802096168f87d0457055e8ac26378b90baebde3ecf0211f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.239619,VS0,VE1
etag: "7c48d8254b042ef556ccbdca2c2c02824ef3a8c744467b54ffbf59f156bfebb9-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14171
x-cache-hits: 1

GET
H2 200 main.aa5ba0fef2c4dd05.js Show response
hd360.hastingsdeering.com.au/ 2 MB
317 KB 17ms
17ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/main.aa5ba0fef2c4dd05.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1072591ef19e0b91844aa9c18439b541266c8fe77432cf47939cc3ce7d23622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
Origin: https://hd360.hastingsdeering.com.au
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21059-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.216049,VS0,VE3
etag: "1e723c2bd3bb3d680c1404fbb99ded64bb2689529f7a75374e74571706038c4d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 324139
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
71 KB 50ms
46ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ca284f2f576037565f2667f71e27c9f1f4d870200aba96fe3ec59c4b1f605b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72196
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 00:14:27 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Oct 2023 01:00:25 GMT

GET
H3 200 styles.dea3dfa85006d67d.css
hd360.hastingsdeering.com.au/ 203 KB
21 KB 19ms
16ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/styles.dea3dfa85006d67d.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d1e153945add5427bd4cdad736cd29396ce326dde34d25f0291bd464193def8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.239908,VS0,VE1
etag: "3ad1e1356fe74a51ecece34857b86f2e3cb2f39f175d57b6a10fbe61b1405f59-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21558
x-cache-hits: 1

GET
H3 200 styles.dea3dfa85006d67d.css
hd360.hastingsdeering.com.au/ 203 KB
21 KB 16ms
15ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/styles.dea3dfa85006d67d.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d1e153945add5427bd4cdad736cd29396ce326dde34d25f0291bd464193def8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.280703,VS0,VE0
etag: "3ad1e1356fe74a51ecece34857b86f2e3cb2f39f175d57b6a10fbe61b1405f59-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21558
x-cache-hits: 2

GET
H2 200 hotjar-2968194.js
static.hotjar.com/c/ 9 KB
4 KB 106ms
55ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2968194.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 01:00:25 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/638e817999ed9620ce4a9eca821567f2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: BGozSjjs0eOXAy_v8oud34ozaYo7s-FEiSduiNT96KPScOXjclKzdg==

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 73ms
21ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62682
accept-ranges: bytes
content-length: 3822

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 198 KB
53 KB 65ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/hd360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 01:00:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: OKGRyDaDu/Tk6rYPM+UDx3Ogtt9LW42JJGb1Rci99ySuRIrjyma/vfXDcK4Bal4A0MINuJ1pYqOOLZB30S5K6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js
maps.googleapis.com/maps/api/ 173 KB
59 KB 108ms
48ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBp2-vyXRRBHw4aIrorhel1AdleLczrwWU&callback=googleMapsCallback

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/main.aa5ba0fef2c4dd05.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60478
x-xss-protection: 0

GET
H2 200 snippet.js
static.zdassets.com/ekr/ Frame 5CE2 10 KB
5 KB 102ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/main.aa5ba0fef2c4dd05.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72W2QZVQMR1RD
age: 1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJjhUyjBQkOiBf5BW8OO9Q7Aycb1L31xf6yrUfq9f7Ihq5gdTFMnCOx4G%2F%2BEo5LapUdaDqckqfc020q38Gtmu4yLC6poAhocn8XCQ78yOxFlZc%2F0OnEagjV6tgB9kkpYEdJVGrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 81432a83bc2266ae-AMS

GET
H3 200 sprite.svg
hd360.hastingsdeering.com.au/assets/icons/ 70 KB
19 KB 15ms
14ms XHR
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/assets/icons/sprite.svg

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.484808,VS0,VE1
etag: "b74bb29e9202fcd6ac985862184e8841ce75664188ca2b04a5d9cbfc71d1cd0a-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19334
x-cache-hits: 1

GET
H3 200 482.2ae0290a2f222bf0.js
hd360.hastingsdeering.com.au/ 19 KB
2 KB 24ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hd360.hastingsdeering.com.au/482.2ae0290a2f222bf0.js

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/runtime.7942ade2d6ac913f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
Origin: https://hd360.hastingsdeering.com.au
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986025.496603,VS0,VE2
etag: "29ae30a8076a05015fb9578be7287781d639df5443e3d2134e95595334230fac-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1934
x-cache-hits: 1

GET
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/ 302 B
406 B 46ms
45ms Fetch
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/webConfig

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://hd360.hastingsdeering.com.au/
x-goog-api-key: AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0

GET
BLOB 200
OK a5a4ccdc-05cd-4d65-85dd-c23519e58dd8
https://hd360.hastingsdeering.com.au/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hd360.hastingsdeering.com.au/a5a4ccdc-05cd-4d65-85dd-c23519e58dd8
Requested by: Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/home?utm_source=hastingsdeering.com.au&utm_medium=referral&utm_campaign=Website+HD360+Login+Button&utm_content=HD360+Login+Button
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 5040
Content-Type: application/javascript

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/ Frame 0
0 112ms
34ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://hd360.hastingsdeering.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 01:00:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 insight.old.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=9083
accept-ranges: bytes
content-length: 4862

GET
H2 200 1727253547587840
connect.facebook.net/signals/config/ 140 KB
36 KB 93ms
93ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1727253547587840?v=2.9.133&r=stable&domain=hd360.hastingsdeering.com.au

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 01:00:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 70BN5H01+Yp6QoqdG0c5porhbeH/qP5upjYtKKqTYh5psD97rTU7HaBgBk3RhwQ92zSh/Hwzkq1TKnE9R5Qx1Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.3cb89fdee82cce4ad9b3.js
script.hotjar.com/ 225 KB
55 KB 81ms
23ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2968194.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 10:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 51559
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55975
last-modified: Tue, 10 Oct 2023 10:41:03 GMT
etag: "39d8b64fc948fc5ebdedc8f69ab2299d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -3jzX8_ZxsgDmLhNF0VAIRq6OgCc3vJFbI_jpx0oxgjVZzRmWpQ4Kg==

GET
H3 200 loader.svg
hd360.hastingsdeering.com.au/assets/img/ 5 KB
2 KB 19ms
17ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/img/loader.svg

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/logout

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:25 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986026.563585,VS0,VE1
etag: "5c5967747bfc2ec65dca616cf08625596a0a1c042e8d5e1f0a7f4f0ec7ce5780-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1966
x-cache-hits: 1

GET
H2

200

Primary Request login Show response
prod-login.hastingsdeering.com.au/
Redirect Chain

https://prod-login.hastingsdeering.com.au/authorize?audience=https%3A%2F%2Fuplatform-api-prod.web.app&client_id=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&scope=openid%20profile%20email%20uplapi%20yourapp%3A...
https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0p...

95 KB
96 KB

1243ms
1242ms

Document
text/html

2606:4700::6810:a116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/main.aa5ba0fef2c4dd05.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a116 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f00505e68d0b754ef4e468d6a4e2e1f934ec8e001daef91b614ad6d97a2ff0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hd360.hastingsdeering.com.au/logout
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 81432a8c6e0d0a54-AMS
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Wed, 11 Oct 2023 01:00:28 GMT
etag: W/"17d67-qG5nuswKrIpRe+TnnMNhDcX+RD4"
ot-baggage-auth0-request-id: 81432a8c6e0d0a54
ot-tracer-sampled: true
ot-tracer-spanid: 10f041983bdce8ae
ot-tracer-traceid: 5ee9b8297da600f8
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-00000000000000005ee9b8297da600f8-10f041983bdce8ae-01
tracestate: auth0-request-id=81432a8c6e0d0a54,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 2fdb208ac1127fccfd52
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1696986029
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 81432a84993f0a54-AMS
content-length: 1680
content-type: text/html; charset=utf-8
date: Wed, 11 Oct 2023 01:00:26 GMT
location: /login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9
ot-baggage-auth0-request-id: 81432a84993f0a54
ot-tracer-sampled: true
ot-tracer-spanid: 400b07e92bb12f35
ot-tracer-traceid: 431e4a130f45d868
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-0000000000000000431e4a130f45d868-400b07e92bb12f35-01
tracestate: auth0-request-id=81432a84993f0a54,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: dec7283a4692556be2a1
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1696986027

GET
H2 200 token
cdn.linkedin.oribi.io/partner/37867/domain/hd360.hastingsdeering.com.au/ 36 B
364 B 69ms
23ms XHR
application/json 2600:9000:20eb:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/37867/domain/hd360.hastingsdeering.com.au/token
Requested by: Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://hd360.hastingsdeering.com.au/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 05:56:09 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 155056
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: 5-l1vtyyM8UnvW3o8nbQu1RsCq3VMSU8OSKn3s2bSGDlk4krtRuBag==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37867%26time%3D1696986025565%26url%3Dhttps%253A%252F%252Fhd360.hastingsdeering.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true&e_ipv6=AQI7otPBa9mZngAAAYscP9BD8QwI...

0
482 B

189ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true&e_ipv6=AQI7otPBa9mZngAAAYscP9BD8QwIBqsQu1LxrR1HTAcVRPVsS1fxZCozfSJJf0B9M5uOpSEC5UWqCAamO9w
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6D08A6815C2C4C329975738AB948A8A9 Ref B: DUS30EDGE0321 Ref C: 2023-10-11T01:00:26Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHZllIUwEdR0srfxXTuw==

Redirect headers

date: Wed, 11 Oct 2023 01:00:25 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CF1CDD69AB5C46D7A7B303507008FE24 Ref B: DUS30EDGE0815 Ref C: 2023-10-11T01:00:26Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986025565&url=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&cookiesTest=true&liSync=true&e_ipv6=AQI7otPBa9mZngAAAYscP9BD8QwIBqsQu1LxrR1HTAcVRPVsS1fxZCozfSJJf0B9M5uOpSEC5UWqCAamO9w
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHZllFa6guN5bs92y61g==

GET
H2 200 hd360support.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 5CE2 1 KB
1 KB 681ms
625ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/hd360support.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 809e18cfee8b6a45-SEA, 809e18cfee8b6a45-SEA
x-runtime: 0.002512
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"889c74693846b4602d83ad09012e6d99"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqyFjpyLb6pQgzLzM568op91q1OYeVHcn2hpol7eAfuEMCpPNPtKPzGYK3z76UnpLt%2Bqwe0mwAnnXQVjrNAkII8x8%2F6Z7%2BkRvnPHAe8RNjHddY9x5f4jK4XfLW%2Br04Evsk4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 81432a844e28667f-AMS

POST
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/uplatformprod/ 624 B
677 B 355ms
354ms Fetch
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/uplatformprod/installations

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://hd360.hastingsdeering.com.au/
x-goog-api-key: AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U
accept-language: nl-NL,nl;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjguMyBmaXJlLWNvcmUtZXNtMjAxNy8wLjguMyBmaXJlLWpzLyBmaXJlLWlpZC8wLjUuMTYgZmlyZS1paWQtZXNtMjAxNy8wLjUuMTYgZmlyZS1yYy8wLjMuMTUgZmlyZS1yYy1lc20yMDE3LzAuMy4xNSBmaXJlLWpzLWFsbC1hcHAvOS4xMy4wIGZpcmUtYW5hbHl0aWNzLzAuOC40IGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC44LjQiLCJkYXRlcyI6WyIyMDIzLTEwLTExIl19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 487
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/uplatformprod/ Frame 0
0 94ms
35ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/uplatformprod/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://hd360.hastingsdeering.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 01:00:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 gen_204
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 99ms
35ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 59ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1727253547587840&ev=PageView&dl=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&rl=https%3A%2F%2Fwww.onelink.to%2F&if=false&ts=1696986025645&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.2.1696986025642.1121186632&cs_est=true&ler=other&it=1696986025525&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Oct 2023 01:00:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 /
content.hotjar.io/ 56 B
161 B 180ms
61ms XHR
application/json 52.48.140.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-140-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://hd360.hastingsdeering.com.au/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 01:00:25 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 js
www.googletagmanager.com/gtag/ 276 KB
91 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/main.aa5ba0fef2c4dd05.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 01:00:25 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 276 KB
91 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T4NJ57YZYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 01:00:25 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
263 B 50ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=1685044236&_gaz=1&_fid=fvo5yAuZx3VfD9hsKhE1z0&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696986025&sct=1&seg=0&dl=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&dr=https%3A%2F%2Fwww.onelink.to%2F&dt=HD360&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4NJ57YZYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hd360.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
263 B 74ms
23ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T4NJ57YZYW&cid=1696806779.1696986026&gtm=45je3a90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4NJ57YZYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hd360.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 84ms
34ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T4NJ57YZYW&cid=1696806779.1696986026&gtm=45je3a90&aip=1&z=297302561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hd360.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/uplatformprod/namespaces/ 11 KB
2 KB 261ms
259ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/uplatformprod/namespaces/firebase:fetch?key=AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U

Requested by

Host: hd360.hastingsdeering.com.au
URL: https://hd360.hastingsdeering.com.au/polyfills.c7c1c1bf01cbb7de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://hd360.hastingsdeering.com.au/
If-None-Match: *
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-uplatformprod-firebase-fetch-1832425330
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1411
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/uplatformprod/namespaces/ Frame 0
0 151ms
40ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/uplatformprod/namespaces/firebase:fetch?key=AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://hd360.hastingsdeering.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://hd360.hastingsdeering.com.au
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 01:00:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 web-widget-main-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame 26D1 921 KB
265 KB 39ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KKWMY49V74PN2KRF
age: 298810
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Jw2CHTKLuNnTiGvVSNGjOsdi1ckWOmpUyo85gwghC3vvVcPKk+6pkNQgjETKOh8wOzJuruOa7cs=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piMThjnTudwwH8Pquw0JFIGcIm9b%2B19QnN0omkTlYM2iLECaLDV8FDLkNuoq7H7Y0i31ay1W3JlZcyKYrsP4zo8FMJfuJEgWRIBddtClYd9Yjj8s2R1ayoZDAako1Zc72AeeMA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 81432a883f2866ae-AMS
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 en-us-json-4b22769.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 26D1 25 KB
6 KB 27ms
23ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG634E6JEX0QWAZ
age: 1797067
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xPN4p0SCUPGXKregEUQnpKEDpsTJuP5jc1Fzfm7M0eI6Ek6sEigILcZVdbgX8yXKqKG690OWL10=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B28E%2BT6v5k5OPho133iMOV2ROVJtaKhKrCRNPAdCFPHsSMNAQb1dwLTqvWg5XEwYrKNbEe6WSNDFqXn5G%2Bjd6TvoRrWe4ZfK7DdEWbszMCJ6i3FIl1PFtUdMYCn0NsZ6NPpZFJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 81432a899ff566ae-AMS
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config
hd360support.zendesk.com/embeddable/ Frame 26D1 654 B
1 KB 277ms
200ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd360support.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-58944f7d8-t9j4g
x-cached: MISS
x-request-id: 81432a8a1ed766e1-AMS
x-runtime: 0.001636
last-modified: Tue, 10 Oct 2023 11:56:06 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQfpGePp9yZmJlBx%2BF25h6nHkn9rJQlWlEkt%2Bu9uIVWSuLIgFX2tN0PJzGIGvqm8ajyXwABgP4SVThBfatmbz81j4LeVlbCCjbRjUUbMkPhzQamSvmH1TXkd%2FpJNwxDmIckdiVrwTXR3PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 81432a8a1ed766e1-AMS

OPTIONS dl
hd360support.zendesk.com/frontendevents/ Frame 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST dl
hd360support.zendesk.com/frontendevents/ Frame 26D1 0
0

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.10.0/ 22 KB
7 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js

Requested by

Host: prod-login.hastingsdeering.com.au
URL: https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7003
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 21:54:47 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.10.0/ 35 KB
35 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:29:04 GMT
x-content-type-options: nosniff
age: 135084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35740
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:25:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 11:29:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
546 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 23:54:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 01:00:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
71 KB 45ms
42ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d7b85d805d1c830795f56f4847815bdcf75c50244dd5de0dcd935ed582913ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72271
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 00:14:27 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Oct 2023 01:00:28 GMT

GET
H3

200

logo.svg
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/logo.svg
https://hd360.hastingsdeering.com.au/assets/auth/logo.svg

9 KB
3 KB

16ms
15ms

Image
image/svg+xml

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/logo.svg

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

430d90076a1c4b9439e51e20d39725fba7f0f1329067be0697db834c519aea70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.563828,VS0,VE1
etag: "717da6bbf3c54abe1d96409d016096eb978b9e0d35aaebcca4a54dcbd19cf3bb-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2691
x-cache-hits: 1

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.532540,VS0,VE16
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/logo.svg
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72
x-served-by: cache-ams21073-AMS

GET
H3

200

logo360.svg
hd360.hastingsdeering.com.au/assets/icons/svg/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/icons/svg/logo360.svg
https://hd360.hastingsdeering.com.au/assets/icons/svg/logo360.svg

4 KB
2 KB

16ms
15ms

Image
image/svg+xml

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/icons/svg/logo360.svg

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4089b5bbcf16e5bad20dc92e51e7936d1372912fd9708b043660de3b89577703

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.564660,VS0,VE1
etag: "c4c934812617ea557f5d17b885f7c598d4f46224819a10be749c56cd84e3bf42-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1540
x-cache-hits: 1

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.532520,VS0,VE19
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/icons/svg/logo360.svg
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 80
x-served-by: cache-ams21073-AMS

GET
H3

200

hd360-get-connected.png
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/hd360-get-connected.png
https://hd360.hastingsdeering.com.au/assets/auth/hd360-get-connected.png

361 KB
359 KB

41ms
40ms

Image
image/png

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/hd360-get-connected.png

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a0da2c0c3816fe8849e2307008003e8e9031f7560ea382e553708d0ccf34ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:28 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 366936
x-served-by: cache-ams21039-AMS
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.567257,VS0,VE2
etag: "4e6dcd2d59a32beff1ab11ee374dac1020460a9daae8446d731fe48fc8e039eb-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
x-cache-hits: 1

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.533413,VS0,VE19
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/hd360-get-connected.png
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87
x-served-by: cache-ams21073-AMS

GET
H3

200

app-store.png
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/app-store.png
https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

3 KB
4 KB

106ms
106ms

Image
image/png

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80e9278d46f3662f661cfcc9ddf8d74aa257b2fbd32f239c3342ccc8ae4b58a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.567271,VS0,VE91
etag: "f645d52e7563aee83e5bd76ce503ee248b13449469185acf7bbbec0ba3198b5f"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3354
x-cache-hits: 1

Redirect headers

x-cache-hits: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.533380,VS0,VE19
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/app-store.png
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77
x-served-by: cache-ams21073-AMS

GET
H3

200

google-play.png
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/google-play.png
https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

2 KB
3 KB

16ms
16ms

Image
image/png

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de9de4877a514c0a79892c7325ff8ff0d1576370f69a81c3d0d4f2d60f4d9a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.564130,VS0,VE1
etag: "fcc1c1972144ab912ab2fab90bdfac2077918f9b7b01f6f403a9eee1b873e0e2"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2253
x-cache-hits: 1

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.533364,VS0,VE17
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/google-play.png
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 79
x-served-by: cache-ams21073-AMS

GET
H2 200 auth0.min.js Show response
cdn.auth0.com/js/auth0/9.17/ 182 KB
49 KB 290ms
27ms Script
application/javascript 2600:9000:214f:b200:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0/9.17/auth0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:b200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e01da927fc61cd29071a2661a88167b38a6b411124b9716dd888bce4e83cdd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: zk28rgwb3c9lG1ZXdlMWsQ1fFYIfzWTe
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 00:20:25 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 2404
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 15 Oct 2021 14:16:07 GMT
server: AmazonS3
etag: W/"441772588b7dfed02a54baf734f1e71e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: fi4If7HJnxSAYpTrV2XyaBluR90TP_t2KYv0Oo4yX_VMxoUjmYEgaQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
4 KB 28ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=7a1bd5f8-7305-4440-9961-dbacc2ee1697

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72W2QZVQMR1RD
age: 4
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HmBeudREhyxnhGlTBne6alBtNHy3J84ZSPrBjQllD1phbX3Pg8hm1CjkS7tvtTd7f%2FR2Aj%2BTKySuPuVyOSrBGOO1Os1HX0B060hSuH%2ByJQUZVqPkuUZ22DpnKcGqla0k9AmEGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 81432a94e8d266ae-AMS

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbe9c7377d8713b9e29dd17a204674dc52051f4930104b5d7468364e7049af62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e963f6c56b95c3f850305f457a7c2118c537498ab987c59fbf4ee46dcf93844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

app-store.png
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/app-store.png
https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

3 KB
4 KB

105ms
105ms

Image
image/png

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/app-store.png

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80e9278d46f3662f661cfcc9ddf8d74aa257b2fbd32f239c3342ccc8ae4b58a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.567006,VS0,VE91
etag: "f645d52e7563aee83e5bd76ce503ee248b13449469185acf7bbbec0ba3198b5f"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3354
x-cache-hits: 0

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.533340,VS0,VE19
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/app-store.png
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77
x-served-by: cache-ams21073-AMS

GET
H3

200

google-play.png
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/google-play.png
https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

2 KB
3 KB

21ms
13ms

Image
image/png

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/google-play.png

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de9de4877a514c0a79892c7325ff8ff0d1576370f69a81c3d0d4f2d60f4d9a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.615899,VS0,VE0
etag: "fcc1c1972144ab912ab2fab90bdfac2077918f9b7b01f6f403a9eee1b873e0e2"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2253
x-cache-hits: 2

Redirect headers

x-cache-hits: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.590297,VS0,VE0
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/google-play.png
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 79
x-served-by: cache-ams21073-AMS

GET
H3

200

https://connect.hastingsdeering.com.au/assets/auth/login-background.svg
https://hd360.hastingsdeering.com.au/assets/auth/login-background.svg

370 KB
274 KB

17ms
17ms

Image
image/svg+xml

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/login-background.svg

Requested by

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70f3ca4c09d88d434993c9636d407771ae5d67fc443a1f1020eee8b1bd165aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://prod-login.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:28 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.564134,VS0,VE2
etag: "12cae6040ee29c193c39514dd3b790d4d104cd66b25a0356fdf88721e9441794-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 280298
x-cache-hits: 1

Redirect headers

x-cache-hits: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:28 GMT
x-timer: S1696986029.531441,VS0,VE18
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/login-background.svg
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 84
x-served-by: cache-ams21073-AMS

GET
DATA 200
OK truncated
/ 724 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5392e83f9a7a2767bdaba7b80f364e6e4e7bc16f3197e729c1b4e2d3ff790a4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/ 302 B
240 B 48ms
47ms Fetch
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda42e81e16eeafcb0074abeb17619a097abd58725d92f771b0804bf94edd081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0

OPTIONS
H3 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/ Frame 0
0 36ms
36ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:192707135505:web:3a17fcf70fd676c7ffc9b0/webConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://prod-login.hastingsdeering.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 01:00:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 hotjar-2968194.js Show response
static.hotjar.com/c/ 9 KB
4 KB 22ms
22ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2968194.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

b64eee4527d8a52b7218f1e1f1147c2d9de80bcc8c8423e13bdd71a2750c7c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 01:00:25 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/638e817999ed9620ce4a9eca821567f2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: dW_wHq5i6Alxud2ONMUY4qqKxr-GS1B6NedUJPSJ9gveyaNiIZxYGg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62679
accept-ranges: bytes
content-length: 3822

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
52 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.onelink.to
URL: https://www.onelink.to/hd360

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 01:00:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: 3iSmj2nEfpThkEdQ6vn2/txPgckSAq60MtaFIx4X97T/5oAPB0j2iuy/fQTzuvhO+tn9Fk4Z3iI9eqmu8yIoPQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H3 200 installations
firebaseinstallations.googleapis.com/v1/projects/uplatformprod/ Frame 0
0 37ms
37ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/uplatformprod/installations

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://prod-login.hastingsdeering.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 01:00:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/uplatformprod/ 625 B
513 B 313ms
312ms Fetch
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/uplatformprod/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47bcd27c0f39e07ee7c663c8279a49b81512411eb976d757db980ba2400f5264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyAKMJP_e9dQ0x4QOB6bi-3o0abthLQFF4U
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

904a568b45b382e2e58241543236da52a0edc3ed967cd8e765a577c3e646b519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 01:00:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T4NJ57YZYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5888VHJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc83e3797a43ec2dac0c93be3c2c730193ff9f40f18f4f26e67bf986dd4d6112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 01:00:28 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 34ms
28ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=9080
accept-ranges: bytes
content-length: 4862

GET
H2 200 modules.3cb89fdee82cce4ad9b3.js Show response
script.hotjar.com/ 225 KB
55 KB 32ms
27ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2968194.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

ae2849fe8677f8485afddd849dc1aa7e27f447c993bba3cae7c067ac7532780b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 10:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 51562
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55975
last-modified: Tue, 10 Oct 2023 10:41:03 GMT
etag: "39d8b64fc948fc5ebdedc8f69ab2299d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WFZ0eszUV8VnUU6nt1NurhC8pvJ0mX696ZZHH4TBONFToBKarSELTg==

GET
H2 200 7a1bd5f8-7305-4440-9961-dbacc2ee1697 Show response
ekr.zdassets.com/compose/ 1 KB
897 B 579ms
578ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/7a1bd5f8-7305-4440-9961-dbacc2ee1697

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7a1bd5f8-7305-4440-9961-dbacc2ee1697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889c74693846b4602d83ad09012e6d9960e970b6027f8c1f76485c643c87a8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:29 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 809e18d46bc36a45-SEA, 809e18d46bc36a45-SEA
x-runtime: 0.003161
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"889c74693846b4602d83ad09012e6d99"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNO6NUa2YNxVvMivkizy5bFQ3pfP4fiDqFelsV2ApDYXU3chuEjs80SrJULE%2FRM037aDAq0jjeKx4wrUJ7waU0EcB2sCal2dtqYOhMOkFS96WMDn8zVoMvwOvhkAn5WQEUg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 81432a96b826667f-AMS

GET
H3 200 1727253547587840 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 91ms
86ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1727253547587840?v=2.9.133&r=stable&domain=prod-login.hastingsdeering.com.au

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6ba9e6cee4c670414de50c0cc14919db254f1bd313993d565a6cdbccb8686e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 01:00:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vpC7z87lt2Xx9zzu4LGsJqmjRH2V27FVdI02nCbifAcOX/ptGkFa+Ik6G4SgXkaAo/jBx9eLbIoWmUQ6potG3Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/37867/domain/prod-login.hastingsdeering.com.au/ 36 B
364 B 26ms
21ms XHR
application/json 2600:9000:20eb:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/37867/domain/prod-login.hastingsdeering.com.au/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 05:56:11 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 155057
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: GaQJPap_HC3fxbdnR--rCSHlyE_-x1dm9ObkmJ1flhPpwR00OGkuvw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKF...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMK...

0
147 B

133ms
132ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&e_ipv6=AQISBA8aLA8tagAAAYscP9qA5zIOuDGjVI-8Yg_qoHzPRFrVm3wcH1WnXi_lvWUNy3JL9WT3JQ4sOV_qpw4
Requested by: Host: prod-login.hastingsdeering.com.au
URL: https://prod-login.hastingsdeering.com.au/login?state=hKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw&client=vkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW&protocol=oauth2&audience=https%3A%2F%2Fuplatform-api-prod.web.app&scope=openid%20profile%20email%20uplapi%20yourapp%3Aapi%20offline_access&redirect_uri=https%3A%2F%2Fhd360.hastingsdeering.com.au&promptMobileApp=JTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%3D&response_type=code&response_mode=query&nonce=QTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%3D%3D&code_challenge=RQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:27 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EBBE46966EFE4B6F9447E7BFE9E1635A Ref B: DUS30EDGE0321 Ref C: 2023-10-11T01:00:28Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHZllw9kv/JdzVI4CWiA==

Redirect headers

date: Wed, 11 Oct 2023 01:00:28 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3003AD49D8F34118A569F7AB8F7C21F4 Ref B: DUS30EDGE0815 Ref C: 2023-10-11T01:00:28Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=37867&time=1696986028607&url=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&e_ipv6=AQISBA8aLA8tagAAAYscP9qA5zIOuDGjVI-8Yg_qoHzPRFrVm3wcH1WnXi_lvWUNy3JL9WT3JQ4sOV_qpw4
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHZlltaVt9xkjxXYMeQQ==

GET
H2 200 browser-perf.d8e56be84308bd33c99f.js Show response
script.hotjar.com/ 6 KB
2 KB 20ms
20ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.d8e56be84308bd33c99f.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

8a56f473b828601a9ede7ad6970c39eae125a37a7bc76dc2579e0a8948f2e714

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 129142
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1959
last-modified: Mon, 09 Oct 2023 13:07:36 GMT
etag: "b2dbf73aeb96787f4a5354f331bdab52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WqvEj4AiNIRtXJBqX7Gmv2ey-QYq4d6lIBMrLGZPMLmRyY-0qeIOag==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=793664757&_fid=ckiyF9HjoeTRELc1YMjIg8&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696986025&sct=1&seg=1&dl=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&dr=https%3A%2F%2Fhd360.hastingsdeering.com.au%2F&dt=HD360&en=page_view&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
160 B 59ms
58ms XHR
application/json 52.48.140.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3cb89fdee82cce4ad9b3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-140-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c78bd8b600e731dce26d94b75ebc2833495294312a46f873a68f03923d13b786

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 01:00:28 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 20ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1727253547587840&ev=PageView&dl=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&rl=https%3A%2F%2Fhd360.hastingsdeering.com.au%2F&if=false&ts=1696986028877&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.2.1696986025642.1121186632&cs_est=true&ler=other&it=1696986028595&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Oct 2023 01:00:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=793664757&_fid=ckiyF9HjoeTRELc1YMjIg8&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696986025&sct=1&seg=1&dl=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&dr=https%3A%2F%2Fhd360.hastingsdeering.com.au%2F&dt=HD360&en=scroll&ep.origin=firebase&epn.percent_scrolled=90&_et=142
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=793664757&_fid=ckiyF9HjoeTRELc1YMjIg8&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1696986025&sct=1&seg=1&dl=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&dr=https%3A%2F%2Fhd360.hastingsdeering.com.au%2F&dt=LOG%20IN&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

check.svg
hd360.hastingsdeering.com.au/assets/auth/
Redirect Chain

https://connect.hastingsdeering.com.au/assets/auth/check.svg
https://hd360.hastingsdeering.com.au/assets/auth/check.svg

224 B
487 B

14ms
14ms

Image
image/svg+xml

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd360.hastingsdeering.com.au/assets/auth/check.svg

Protocol

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83e803275c8d0af4a52a91fb0a55d4920d5a7a362f301fbc7ffbe4dbb24511b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://prod-login.hastingsdeering.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-ams21039-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
date: Wed, 11 Oct 2023 01:00:29 GMT
last-modified: Thu, 14 Sep 2023 07:51:31 GMT
x-timer: S1696986029.046955,VS0,VE1
etag: "6661764b1ee64c2d0849cc58721176758b2173c19a19e183c9d9021187b003e5-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 153
x-cache-hits: 1

Redirect headers

x-served-by: cache-ams21081-AMS
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 11 Oct 2023 01:00:29 GMT
x-timer: S1696986029.020762,VS0,VE12
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
location: https://hd360.hastingsdeering.com.au/assets/auth/check.svg
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 73
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 524 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a91bc6b6d4d365a34c0dda249f644144a3d5fafa8ef9e9adea017df53b9530ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame D233 921 KB
265 KB 35ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7a1bd5f8-7305-4440-9961-dbacc2ee1697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:29 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KKWMY49V74PN2KRF
age: 298813
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Jw2CHTKLuNnTiGvVSNGjOsdi1ckWOmpUyo85gwghC3vvVcPKk+6pkNQgjETKOh8wOzJuruOa7cs=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbsC87POK0aLRKMU6o6dSl0XIYNyfc9p3NVDfH%2FYMn%2FGAl6EoNZCcB9v4eqphn4jaOPa%2BjaJmA08lImAwh9731EypOF5%2BXGWoRH8kEL6WfMANcBLxHxssv8%2FrMQaC2Tp0PqTv0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 81432a9a6c6766ae-AMS
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame D233 25 KB
6 KB 26ms
26ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:29 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG634E6JEX0QWAZ
age: 1797070
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xPN4p0SCUPGXKregEUQnpKEDpsTJuP5jc1Fzfm7M0eI6Ek6sEigILcZVdbgX8yXKqKG690OWL10=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQUqgv3Qu8iE7XFau00aNan2H%2FVA0PUFQsYgX2zBJcqc9ZPuPz4NVWsxqdhh5V%2FtYEsEh0uVlPPhA2ixIe51P5X6rLVd4cigkwF%2Bl%2F1dRz8IYuxAr%2BgL2wSop9NZM5cY%2BeUqFII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 81432a9dfec366ae-AMS
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
hd360support.zendesk.com/embeddable/ Frame D233 654 B
819 B 28ms
27ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd360support.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5904b0726b8919116cd100154c7b67a28332891a23668945bcaff7577349aeb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:00:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3
x-zendesk-origin-server: embeddable-app-server-58944f7d8-t9j4g
x-cached: MISS
x-request-id: 81432a8a1ed766e1-AMS
x-runtime: 0.001636
last-modified: Wed, 11 Oct 2023 01:00:26 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko6ZD3%2FFMAqJH%2FzIMAjv366YU6O0aQQG%2BiRbnANNOdy7Lcvv06254B19k99I5IVSwgwewEs0OUVREJaNnmkd3z6yGfHzaGeLEiXE1tMdO%2BE0TuALCP4tUot7Hd88xcJWCXNt7T63J1zchA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 81432a9dfccb66e1-AMS

POST
H2 204 /
metrics.hotjar.io/ 0
70 B 145ms
33ms Ping
text/plain 18.200.156.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2968194.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.200.156.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-156-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 01:00:31 GMT
vary: Origin

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 25ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=793664757&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1696986025&sct=1&seg=1&dl=https%3A%2F%2Fprod-login.hastingsdeering.com.au%2Flogin%3Fstate%3DhKFo2SBQLVlUUEhPMGM5TFNMeGwtcFhmdjlMRGZzTURPQ2syMKFupWxvZ2luo3RpZNkgSHE4d1REaFdGTDFmRXl4M0FqeG5TRDIzTnlZUi10WEijY2lk2SB2a1JhMFNXeU5Md1NJbExQR0pQM3l1YUozQ2pFcWd2Vw%26client%3DvkRa0SWyNLwSIlLPGJP3yuaJ3CjEqgvW%26protocol%3Doauth2%26audience%3Dhttps%253A%252F%252Fuplatform-api-prod.web.app%26scope%3Dopenid%2520profile%2520email%2520uplapi%2520yourapp%253Aapi%2520offline_access%26redirect_uri%3Dhttps%253A%252F%252Fhd360.hastingsdeering.com.au%26promptMobileApp%3DJTdCJTIyc2hvdWxkVXNlJTIyJTNBZmFsc2UlMkMlMjJvcyUyMiUzQSUyMldpbmRvd3MlMjIlN0Q%253D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DQTN4WnJNUXE2c2pMVGhHT2g3S29oR2gzTEs0NGZPcTNFRDFTS05zUktIQw%253D%253D%26code_challenge%3DRQxZJG4Zqc48dZEQfq06OUrUwo7C7TV0zsnE4GR2TgY%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuNiJ9&dr=https%3A%2F%2Fhd360.hastingsdeering.com.au%2F&dt=LOG%20IN&uid=&_s=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-T4NJ57YZYW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 01:00:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prod-login.hastingsdeering.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hd360support.zendesk.com
URL: https://hd360support.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=1685044236&_fid=fvo5yAuZx3VfD9hsKhE1z0&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696986025&sct=1&seg=0&dl=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&dr=https%3A%2F%2Fwww.onelink.to%2F&dt=HD360&en=scroll&ep.origin=firebase&epn.percent_scrolled=90&_et=6

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4NJ57YZYW&gtm=45je3a90&_p=1685044236&_fid=fvo5yAuZx3VfD9hsKhE1z0&cid=1696806779.1696986026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1696986025&sct=1&seg=0&dl=https%3A%2F%2Fhd360.hastingsdeering.com.au%2Flogout&dr=https%3A%2F%2Fwww.onelink.to%2F&dt=HD360&en=user_engagement&ep.origin=firebase&_et=2338

Domain: hd360support.zendesk.com
URL: https://hd360support.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prod-login.hastingsdeering.com.au/usernamepassword/login	1970-01-20 15:37:30	Name: _csrf Value: 0ikPk1Tr8rG3D5aELv2Y_IMo
hd360.hastingsdeering.com.au/	1970-01-20 15:24:32	Name: ln_or Value: eyIzNzg2NyI6ImQifQ%3D%3D
.hastingsdeering.com.au/	1970-01-20 17:32:42	Name: _fbp Value: fb.2.1696986025642.1121186632
.hastingsdeering.com.au/	1970-01-20 15:23:07	Name: _hjFirstSeen Value: 1
.hastingsdeering.com.au/	1970-01-20 15:23:06	Name: _hjIncludedInSessionSample_2968194 Value: 1
.hastingsdeering.com.au/	1970-01-20 15:23:07	Name: _hjSession_2968194 Value: eyJpZCI6ImJiMTYzOWMxLTA4MWItNDI4MC1iNDhhLTdhYTRiNzg5OWVmZiIsImNyZWF0ZWQiOjE2OTY5ODYwMjU2NzEsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.hastingsdeering.com.au/	1970-01-21 00:08:42	Name: _hjSessionUser_2968194 Value: eyJpZCI6IjhjMWY5ZDAwLTgxMjMtNTRlMi04MTM2LTk3MzJhMzMzMGE3NyIsImNyZWF0ZWQiOjE2OTY5ODYwMjU2NzAsImV4aXN0aW5nIjp0cnVlfQ==
.hastingsdeering.com.au/	1970-01-20 15:23:07	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 17:32:42	Name: li_sugr Value: c5bf83f0-25d2-4fcc-a427-5f9b43f60df2
.linkedin.com/	1970-01-21 00:08:42	Name: bcookie Value: "v=2&e5543616-de94-4984-8edb-01f2c941647a"
.linkedin.com/	1970-01-20 15:24:32	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2863:u=1:x=1:i=1696986025:t=1697072425:v=2:sig=AQHWisJ1JUxkuE8WfZo0cJjYVVOIHzba"
.hastingsdeering.com.au/	1970-01-21 00:59:06	Name: _ga Value: GA1.1.1696806779.1696986026
.linkedin.com/	1970-01-20 16:06:18	Name: UserMatchHistory Value: AQK-PG7lVNARUAAAAYscP88_Tzq6bPI9WpHzqbttJgSvVlJ7gsVjcUGp6lADnp2EXsRpgYD6BCdmBQ
.linkedin.com/	1970-01-20 16:06:18	Name: AnalyticsSyncHistory Value: AQK6v9ZP9r7BHAAAAYscP88_54Bm_ADCRHQRd92y9E2brQ-xRCySKm_tUTOppDqu6wbBsM_1wK0XosohKVwiig
.www.linkedin.com/	1970-01-21 00:08:42	Name: bscookie Value: "v=1&20231011010025892e20b3-e54f-4304-81b7-5fec9cebe150AQEMxwZ2US6kqLb3fLGJA2lYdw2lGhVf"
.linkedin.com/	1970-01-20 19:42:18	Name: li_gc Value: MTswOzE2OTY5ODYwMjU7MjswMjEvHS8SiazztrKpRxhZE5d0S8EHKpr60GEJvo/GwKuhmQ==
prod-login.hastingsdeering.com.au/	1970-01-21 00:09:03	Name: did Value: s%3Av0%3A90a2d3c0-67d1-11ee-84ce-ebf974fbd179.OrZ6mIdzgCMjiydYCYLzbVulQw6TTbVBP%2FgXKdy0%2Bgg
prod-login.hastingsdeering.com.au/	1970-01-20 15:27:25	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDsrRKjxSIVvhL3f38lGVCMiDgLePvgp3WwTabNUPUgkXFHElbHmR313Pp3wh3HRTsVD9hDlTBjF4nlhAEj4aXqmY29va2llg6dleHBpcmVz1_-809gAZSnoKq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ac63nbQTehUvNhlR%2BRxwrVf2lD1hWnXjgiw7FGvsS28
prod-login.hastingsdeering.com.au/	1970-01-21 00:09:03	Name: did_compat Value: s%3Av0%3A90a2d3c0-67d1-11ee-84ce-ebf974fbd179.OrZ6mIdzgCMjiydYCYLzbVulQw6TTbVBP%2FgXKdy0%2Bgg
prod-login.hastingsdeering.com.au/	1970-01-20 15:27:25	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDsrRKjxSIVvhL3f38lGVCMiDgLePvgp3WwTabNUPUgkXFHElbHmR313Pp3wh3HRTsVD9hDlTBjF4nlhAEj4aXqmY29va2llg6dleHBpcmVz1_-809gAZSnoKq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ac63nbQTehUvNhlR%2BRxwrVf2lD1hWnXjgiw7FGvsS28
.prod-login.hastingsdeering.com.au/	1970-01-20 15:23:07	Name: __cf_bm Value: 8FbaJ.4Du9vIL4wkJCh7oXgFFxfuuEkC3ctQpNDsG0o-1696986026-0-AeLUd9zHD0JsVreIhCAb1XrUQWipDr4woZbiPndhR0D0qdDlh8jlC2K+1/jA0ONMbPPlKtnURTXzfaBaqUAGaRs=
prod-login.hastingsdeering.com.au/	1970-01-20 15:24:32	Name: ln_or Value: eyIzNzg2NyI6ImQifQ%3D%3D
prod-login.hastingsdeering.com.au/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
prod-login.hastingsdeering.com.au/	1970-01-20 15:23:06	Name: _hjUserAttributesHash Value: 32b532df7571b59dfe26fded91b9fc17
.hastingsdeering.com.au/	1970-01-21 00:59:06	Name: _ga_T4NJ57YZYW Value: GS1.1.1696986025.1.1.1696986029.56.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
cdn.linkedin.oribi.io
connect.facebook.net
connect.hastingsdeering.com.au
content.hotjar.io
ekr.zdassets.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
hd360.hastingsdeering.com.au
hd360support.zendesk.com
maps.googleapis.com
metrics.hotjar.io
onelink.to
prod-login.hastingsdeering.com.au
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
www.facebook.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.onelink.to
hd360support.zendesk.com
region1.analytics.google.com
104.16.51.111
104.18.70.113
104.18.72.113
13.107.42.14
13.32.27.21
178.128.140.200
18.200.156.125
18.66.97.53
188.166.100.175
199.36.158.100
2001:4860:4802:32::36
2600:9000:20eb:1a00:2:53b2:240:93a1
2600:9000:214f:b200:10:474e:104a:2961
2606:4700::6810:a116
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::200a
2a00:1450:400c:c09::9b
2a02:26f0:780::210:a423
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.48.140.7
0d1e153945add5427bd4cdad736cd29396ce326dde34d25f0291bd464193def8
1072591ef19e0b91844aa9c18439b541266c8fe77432cf47939cc3ce7d23622e
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
208fcab4624fb48bfd85faa4d1fb516d9ed825d2428a4cfd062d259addd8fca6
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2ca284f2f576037565f2667f71e27c9f1f4d870200aba96fe3ec59c4b1f605b9
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c
36eea9b6d4a61b4dbf91cbad4c0de46203b7f38a0edc1bfcf44f0a2719a02dde
3a0da2c0c3816fe8849e2307008003e8e9031f7560ea382e553708d0ccf34ba4
3d7b85d805d1c830795f56f4847815bdcf75c50244dd5de0dcd935ed582913ab
3ebd7e909ee5185ff09b0ec454737557affd80c247284086e00556c486813b66
4089b5bbcf16e5bad20dc92e51e7936d1372912fd9708b043660de3b89577703
430d90076a1c4b9439e51e20d39725fba7f0f1329067be0697db834c519aea70
4441fa6c7ddd3321da05ea38937202c7e1a7fe41a2941653ccb25f5eef70675e
47bcd27c0f39e07ee7c663c8279a49b81512411eb976d757db980ba2400f5264
4dabd7461d558ac33c6d9caa57b0c4e029ec2e18f267355368d3f3a65d7b4e7f
5392e83f9a7a2767bdaba7b80f364e6e4e7bc16f3197e729c1b4e2d3ff790a4d
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
5904b0726b8919116cd100154c7b67a28332891a23668945bcaff7577349aeb2
5e963f6c56b95c3f850305f457a7c2118c537498ab987c59fbf4ee46dcf93844
6235c7477bcd9b2e42e2ccdd72ba0d9a5d42d6e741c344c729016d8a5619aa86
70f3ca4c09d88d434993c9636d407771ae5d67fc443a1f1020eee8b1bd165aa0
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e748328f8b532ce7802096168f87d0457055e8ac26378b90baebde3ecf0211f
80bcc63b8c70c42945245eaab0cabca7e81242dcde808eb81d5d68cd729f784d
80e9278d46f3662f661cfcc9ddf8d74aa257b2fbd32f239c3342ccc8ae4b58a7
83e803275c8d0af4a52a91fb0a55d4920d5a7a362f301fbc7ffbe4dbb24511b3
889c74693846b4602d83ad09012e6d9960e970b6027f8c1f76485c643c87a8f4
8a56f473b828601a9ede7ad6970c39eae125a37a7bc76dc2579e0a8948f2e714
904a568b45b382e2e58241543236da52a0edc3ed967cd8e765a577c3e646b519
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
a91bc6b6d4d365a34c0dda249f644144a3d5fafa8ef9e9adea017df53b9530ca
aa691c09dd263714d2aaf43d786f84b36349cfc177bd841893b816952f944127
ae2849fe8677f8485afddd849dc1aa7e27f447c993bba3cae7c067ac7532780b
b64eee4527d8a52b7218f1e1f1147c2d9de80bcc8c8423e13bdd71a2750c7c85
c78bd8b600e731dce26d94b75ebc2833495294312a46f873a68f03923d13b786
dbe9c7377d8713b9e29dd17a204674dc52051f4930104b5d7468364e7049af62
dc83e3797a43ec2dac0c93be3c2c730193ff9f40f18f4f26e67bf986dd4d6112
dda42e81e16eeafcb0074abeb17619a097abd58725d92f771b0804bf94edd081
de9de4877a514c0a79892c7325ff8ff0d1576370f69a81c3d0d4f2d60f4d9a1a
e01da927fc61cd29071a2661a88167b38a6b411124b9716dd888bce4e83cdd9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f00505e68d0b754ef4e468d6a4e2e1f934ec8e001daef91b614ad6d97a2ff0
f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f
f6ba9e6cee4c670414de50c0cc14919db254f1bd313993d565a6cdbccb8686e5
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

prod-login.hastingsdeering.com.au Open in urlscan Pro 2606:4700::6810:a116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

83 %HTTPS

62 %IPv6

18 Domains

31 Subdomains

28 IPs

6 Countries

3140 kBTransfer

9950 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

prod-login.hastingsdeering.com.au Open in urlscan Pro
2606:4700::6810:a116 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

83 %
HTTPS

62 %
IPv6

18
Domains

31
Subdomains

28
IPs

6
Countries

3140 kB
Transfer

9950 kB
Size

25
Cookies

94 HTTP transactions
4 data transactions