Submitted URL: https://dmail.co.nz/
Effective URL: https://bedirect.co.nz/?utm_source=dmail
Submission Tags: falconsandbox
Submission: On December 17 via api from US — Scanned from NZ

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 46 HTTP transactions. The main IP is 104.21.80.1, located in and belongs to CLOUDFLARENET, US. The main domain is bedirect.co.nz.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time bedirect.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.129.72 13335 (CLOUDFLAR...)
15 104.21.80.1 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
4 6 2606:4700::68... 13335 (CLOUDFLAR...)
3 192.0.76.3 2635 (AUTOMATTIC)
4 2404:6800:400... 15169 (GOOGLE)
2 2400:52e0:1::1 200325 (BunnyCDN ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 172.217.167.99 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 172.217.167.68 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 1 172.217.167.98 15169 (GOOGLE)
2 142.250.66.227 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
46 20
Apex Domain
Subdomains
Transfer
15 bedirect.co.nz
bedirect.co.nz
481 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
49 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
46 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
309 KB
3 wp.com
stats.wp.com — Cisco Umbrella Rank: 3804
pixel.wp.com — Cisco Umbrella Rank: 3757
7 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
544 B
2 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 41106
173 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4811
forms.hscollectedforms.net — Cisco Umbrella Rank: 4960
26 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9011
2 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2477
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
27 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
25 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
923 B
1 dmail.co.nz
dmail.co.nz
718 B
46 18
Domain Requested by
15 bedirect.co.nz bedirect.co.nz
6 unpkg.com 4 redirects bedirect.co.nz
4 www.googletagmanager.com bedirect.co.nz
www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.co.nz bedirect.co.nz
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 plausible.io bedirect.co.nz
plausible.io
2 stats.wp.com bedirect.co.nz
1 track.hubspot.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googleadservices.com 1 redirects
1 www.google.com www.googletagmanager.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 pixel.wp.com bedirect.co.nz
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hs-analytics.net js-na1.hs-scripts.com
1 js-na1.hs-scripts.com bedirect.co.nz
1 fonts.googleapis.com bedirect.co.nz
1 dmail.co.nz 1 redirects
46 23
Subject Issuer Validity Valid
bedirect.co.nz
WE1
2024-12-04 -
2025-03-04
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
wp.com
E6
2024-12-09 -
2025-03-09
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
plausible.io
R10
2024-11-29 -
2025-02-27
3 months crt.sh
hs-scripts.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
hs-analytics.net
WE1
2024-12-05 -
2025-03-05
3 months crt.sh
hscollectedforms.net
WE1
2024-11-20 -
2025-02-18
3 months crt.sh
hs-banner.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.co.nz
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
hubspot.com
WE1
2024-12-01 -
2025-03-01
3 months crt.sh

This page contains 3 frames:

Primary Page: https://bedirect.co.nz/?utm_source=dmail
Frame ID: 8DF5DD86B675E510623243382DF04060
Requests: 45 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fbedirect.co.nz
Frame ID: 7F0F2B088F07E7A302287C4452CA78C7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-SSGG6XWBV8&gacid=284285605.1734472135&gtm=45je4cc1v879780929za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1680107462
Frame ID: 69C50D8AFE43854AF4B548E119C80318
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Direct Mail and Digital Print Made Easy in Auckland, New Zealand

Page URL History Show full URLs

  1. https://dmail.co.nz/ HTTP 301
    https://bedirect.co.nz/?utm_source=dmail Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <body class=(?:"|')[^"']*oxygen-body

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

93 %
HTTPS

67 %
IPv6

18
Domains

23
Subdomains

20
IPs

4
Countries

995 kB
Transfer

2493 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dmail.co.nz/ HTTP 301
    https://bedirect.co.nz/?utm_source=dmail Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.css?ver=5.0 HTTP 302
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.css HTTP 302
  • https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.css
Request Chain 13
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.js?ver=5.0 HTTP 302
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.js HTTP 302
  • https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.js
Request Chain 39
  • https://www.googleadservices.com/pagead/conversion/1040706729/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0&npa=0&ct_eid=2 HTTP 302
  • https://www.google.co.nz/pagead/attribution/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bedirect.co.nz/
Redirect Chain
  • https://dmail.co.nz/
  • https://bedirect.co.nz/?utm_source=dmail
81 KB
20 KB
Document
General
Full URL
https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eb11cd8213dae418b63923a8bdc82ec7b5605cf37c2ae75e6147b0cf09e135e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3a1eb3dfb7d9bb-AKL
content-encoding
zstd
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 21:48:53 GMT
last-modified
Tue, 17 Dec 2024 17:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rm89TDP1wx1%2Fj2mnWNFO%2F%2Fy8yVkDlKHHGnYKpu31TL3Q3cSv6i9abXE7bRUgw12bwwKODVJR1zjM1nWw3M7iRSmVSx5FgqO7FQf9p25zf3qy13GGj971jW3oByHMJyVQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8f3a1eb35a15d9b8-AKL
content-length
167
content-type
text/html
date
Tue, 17 Dec 2024 21:48:53 GMT
expires
Tue, 17 Dec 2024 22:48:53 GMT
location
https://bedirect.co.nz/?utm_source=dmail
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0qoUhJFEUor3%2FnvEdJFX3WYor%2Bzb4yuPApqenPJb%2F5tKYp6ovQiXk%2FUukiAVQvpDv0Xbi7oIrk59MXG86aFzIRcROptUEDaID6WuXIYK0YOAdyWAkr5kSE82KjJtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30271&min_rtt=30263&rtt_var=11364&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4121&recv_bytes=4350&delivery_rate=103413&cwnd=12000&unsent_bytes=0&cid=4f7ea342db53ad82&ts=41&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
autoptimize_5e080323f7e77a38b7cea7b11bab053f.css
bedirect.co.nz/wp-content/cache/autoptimize/css/
327 KB
51 KB
Stylesheet
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_5e080323f7e77a38b7cea7b11bab053f.css
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eff027c2c4094148c7280d40bf6c6c2d6135bc8ba1554a78ca00f31d8660f77
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"673fd263-51bdb"
age
2228494
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDG4doC9tvcJERR0ZLn5qOMrSNbVcLKAIV1sL57zZ80KveQwWHAEmV1VJ0LQj%2BUJUtnyCZXijRXr29SHDoq7gub%2F7FFudZm3KniSfLD%2FULfpBcdONLs51kadJHOUrMycTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 00:37:55 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb46fb8d9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
css
fonts.googleapis.com/
3 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A500%2C600%2C700%2Cregular%2C&display=swap
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:813::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 21:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 21:48:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
DPMS-Alex-Guillotining.jpg
bedirect.co.nz/wp-content/uploads/2023/11/
88 KB
88 KB
Image
General
Full URL
https://bedirect.co.nz/wp-content/uploads/2023/11/DPMS-Alex-Guillotining.jpg
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb3d1c9aec0a6f72d540615b87e692bbe75daf1edfdc0ea98cb81f6d9f8b92c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cf-cache-status
HIT
etag
"6560b100-15e65"
age
7429237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVW%2FrCLNjEqlmkia0pwufS9AiCsslGLLsUVJFbN6HMuhyOTuTQppt3dzMOIJQ9Bcvvn9BzzLcnI%2BmHyXYJQWQSKSn3jhLacodqdaRJNcqGPqa2XhCBym7sqtpMlCs3Kumg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
image/jpeg
last-modified
Fri, 24 Nov 2023 14:19:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb46fb9d9bb-AKL
accept-ranges
bytes
content-length
89701
x-xss-protection
1; mode=block
server
cloudflare
dropzone.min.css
unpkg.com/dropzone@5.9.3/dist/min/
Redirect Chain
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.css?ver=5.0
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.css
  • https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.css
10 KB
2 KB
Stylesheet
General
Full URL
https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.css
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"2666-AIAc79sGEIYPhgbvPkMlXe3eyXU"
age
8486467
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J7EC6E6P3DZF3Z9NAT9ZGK4S-syd
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f3a1eb5bd64d9a2-AKL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/dropzone@5.9.3/dist/min/dropzone.min.css
content-encoding
br
cf-cache-status
HIT
age
67
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f3a1eb57cebd9a2-AKL
access-control-allow-origin
*
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFB9ESPRHY5Y7GCVY45P2C9J-syd
server
cloudflare
jquery.min.js
bedirect.co.nz/wp-includes/js/jquery/
86 KB
32 KB
Script
General
Full URL
https://bedirect.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65673494-15601"
age
8586668
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36iie%2Bc7ofRYiuH4%2FpCf%2BZA2BKfkX6ZzjMbzprSbDltE%2B%2F5cs3QEC12z8a3GHWEkjk143%2Bq4LlaLtESk9G5xihYA8rC3JWN7%2F6PCtZAiJDQAx0Ywb916RKXquFELcAC2%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript
last-modified
Wed, 29 Nov 2023 12:54:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb60fbed9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
s-202451.js
stats.wp.com/
9 KB
4 KB
Script
General
Full URL
https://stats.wp.com/s-202451.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT syd
etag
W/"65717c6e-25ea"
access-control-allow-methods
GET, HEAD
expires
Mon, 15 Dec 2025 20:54:49 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 08:03:58 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5592891-3
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdbc86e3b016da7fe2edfa886cab9dd0a64c3ea9f515b0ea4e162b1fbe08b3df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 17 Dec 2024 21:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78465
x-xss-protection
0
server
Google Tag Manager
script.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/script.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1::1 , Australia, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-AUC1-1213 /
Resource Hash
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cdn-status
200
content-encoding
br
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cachedat
12/17/2024 04:32:11
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, must-revalidate, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
f766d1866a37aadc8b63969a3783a438
cross-origin-resource-policy
cross-origin
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
cdn-edgestorageid
1213
server
BunnyCDN-AUC1-1213
cdn-requestcountrycode
NZ
autoptimize_single_d705ecb9d1bd6bf2023a0b1458c0eafa.css
bedirect.co.nz/wp-content/cache/autoptimize/css/
33 KB
4 KB
Stylesheet
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_single_d705ecb9d1bd6bf2023a0b1458c0eafa.css?cache=1722462697&ver=6.7.1
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c64f6f6f587b4b76220acfba1c1d2f96c8b1d9c3b018df113c2c85a20b9ffe
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"673a6ec6-8223"
age
2230794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmrAAAxMR08DZhO87JIlKRP%2BcRVg84IU%2BzU26NYZN0fE0y8rJz7b%2BDB6puj4hmFjf9J2Fi%2FG4%2FLTBc8LVg0FDc1kvL1dqhG0DwK5teCmxkhYy78bxi%2BrSpIk6fTrQE2mtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 22:31:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb46fbad9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
autoptimize_single_e0bce7729ea633227a4e12be6d97decf.css
bedirect.co.nz/wp-content/cache/autoptimize/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_single_e0bce7729ea633227a4e12be6d97decf.css?cache=1727332194&ver=6.7.1
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b796472cf0177be5192861dcd6ef5e582947efe6cd7f77880cb7e8d86bab72
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"673a6ec6-1e72"
age
2228494
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEcr1KqHPS97iDD420pB2e8ZVU8Y2btOGL1BrB2vjVK4G23AP6N7QUyeAT6d9rvhd8KxI%2FNKLCCrvJmy2JfeN7AMQnI%2BDkWHWXkg07nIPPnM5kop8fbabuZVEp%2BfZqDEig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 22:31:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb46fbcd9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
autoptimize_single_fd0f22c9efb21d9c7ccf131f18e5dada.css
bedirect.co.nz/wp-content/cache/autoptimize/css/
94 KB
18 KB
Stylesheet
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_single_fd0f22c9efb21d9c7ccf131f18e5dada.css?cache=1729133348&ver=6.7.1
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18311caec15cd08f5d9370579d44d1b2fce4e96e65541c1e957bf054852f0e55
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"673a6ec6-176d0"
age
2230794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ln%2FCleDTQtGbaBattuZVrLgPOIkVOGaXPCeTsfM6i3zofrWaAT69Tz3R4dlgEM%2FsGLXSKnL7R8NW%2B3mATarzIJTXIeMLG%2BNswIv5cPT9WHhwbLX%2FhTpBg5hFbBwr%2FZveAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 22:31:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb46fbbd9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
47561313.js
js-na1.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js-na1.hs-scripts.com/47561313.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb53ed68974dceb0b0635060d9f9913cf5a4046abf3a6a82a5afc82b6e45550
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
5825
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 21:48:54 GMT
x-hubspot-correlation-id
1bdffdf6-6bde-4e9c-93cc-9a081645cf3d
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Tue, 17 Dec 2024 20:11:49 GMT
access-control-allow-credentials
true
cf-ray
8f3a1eb67fc8d9b8-AKL
accept-ranges
bytes
access-control-allow-origin
https://bedirect.co.nz
content-length
610
server
cloudflare
email-decode.min.js
bedirect.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://bedirect.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
etag
W/"675fc4cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Biu6YCBN1ZNkq4HAxHzEUN%2BivpZSwUa5NZtBdhXFKLOVkjcGMEmfa7YfqzdCRJkcjrZK7pcrksF1NPxC%2FV%2BZaF8BALB%2FdA5%2BILxwmjfx%2BLlx427gOgfjAKrQ%2BwWfnK2F%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f3a1eb46fbdd9bb-AKL
expires
Thu, 19 Dec 2024 21:48:53 GMT
date
Tue, 17 Dec 2024 21:48:53 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
dropzone.min.js
unpkg.com/dropzone@5.9.3/dist/min/
Redirect Chain
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.js?ver=5.0
  • https://unpkg.com/dropzone@5/dist/min/dropzone.min.js
  • https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.js
112 KB
46 KB
Script
General
Full URL
https://unpkg.com/dropzone@5.9.3/dist/min/dropzone.min.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c00e-L41CNdeLffl7qn44j0eg3tSBXbQ"
age
8489439
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J7E9BR715P8JG1P7PEFKVGQS-syd
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f3a1eb6ef6bd9a2-AKL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/dropzone@5.9.3/dist/min/dropzone.min.js
content-encoding
br
cf-cache-status
HIT
age
152
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f3a1eb6af0dd9a2-AKL
access-control-allow-origin
*
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFB9C701TPSJRWR53DD879CF-syd
server
cloudflare
e-202451.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202451.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT syd
etag
W/14421-1717166113420.8362
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Mon, 15 Dec 2025 03:45:09 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
autoptimize_e1b258799a6d5a8338001e85b95f1ddb.js
bedirect.co.nz/wp-content/cache/autoptimize/js/
167 KB
59 KB
Script
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/js/autoptimize_e1b258799a6d5a8338001e85b95f1ddb.js
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95211d667c4b9e0c001fa4403f730d1b90a6154fefd5657da4d961ef751a777
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6715848e-29c54"
age
4530759
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wkPVaP3JFr9%2FXQ6PtATMraSwAkO8hXHMs%2BdYeyn2F%2BrKZtTexlahw%2B1VrRw6KnlDaYjMW8iLIXV%2BYFGCExsLwolEyfXtkIIV3Suz8qwi8xmlYAaCcHNh0IY9PT4%2BZbI8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript
last-modified
Sun, 20 Oct 2024 22:30:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb60fbfd9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
autoptimize_645e25746732f92ab8912b8a07744c57.css
bedirect.co.nz/wp-content/cache/autoptimize/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_645e25746732f92ab8912b8a07744c57.css
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f902b2ef17184188110c4a774dff12989d5e749949d3787b77e2095833f45e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66d6843f-1b6d"
age
8470003
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wTprJJW%2B9jbd4WKvx1sxyAcKJSHFY82%2B7GXuiCsO2GZT3iUAMnQkXEcF8S0fjeNyOZjogOw8fg50alrKorl2FGeyGDM%2FvfaMZh8wPAEZ9S7SQZKfeZ89ygok1WPP2EP9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 03:36:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=315360000
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb60fc0d9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
gtm.js
www.googletagmanager.com/
282 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTRFF4K
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a2faeb8b1196b54dc518ac4868768083ec41b588ecb4f9c981903e0fc09314a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 17 Dec 2024 21:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 17 Dec 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102408
x-xss-protection
0
server
Google Tag Manager
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
CalculatorBG2.jpg
bedirect.co.nz/wp-content/uploads/2021/04/
27 KB
28 KB
Image
General
Full URL
https://bedirect.co.nz/wp-content/uploads/2021/04/CalculatorBG2.jpg
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_single_e0bce7729ea633227a4e12be6d97decf.css?cache=1727332194&ver=6.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6b9a020bc5739dd80216e430f5b6efe7bdc63e7fbd529cb581cfba00319ad9
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/wp-content/cache/autoptimize/css/autoptimize_single_e0bce7729ea633227a4e12be6d97decf.css?cache=1727332194&ver=6.7.1

Response headers

cf-cache-status
HIT
etag
"60d1f0fc-6b8f"
age
1591981
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9w1nCrmMwTMsTXNlDEE9TvrD7cy6etCy7JPOK%2B6Lr0etGooicsBGSFnJQHd0TecBlqPaJGyFQoWWoKpT1bZ232IQb3jj4k17kaj8MStRgXH9Qj1JRhtVpViNSX6YFm0GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
image/jpeg
last-modified
Tue, 22 Jun 2021 14:17:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb63fc1d9bb-AKL
accept-ranges
bytes
content-length
27535
x-xss-protection
1; mode=block
server
cloudflare
47561313.js
js.hs-analytics.net/analytics/1734466200000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1734466200000/47561313.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/47561313.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6644ae5353096b9455ad680c56ff592b2a719d1a59f6297d2b8217801c63971

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-amz-server-side-encryption
AES256
x-request-id
8d5eb1a5-a49f-47f4-90e7-e69e4c0ea016
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1a6505f6edbd4eb2ebb387e1f6cdce11"
x-amz-version-id
null
expires
Tue, 17 Dec 2024 21:53:54 GMT
x-evy-trace-listener
listener_https
date
Tue, 17 Dec 2024 21:48:55 GMT
x-hubspot-correlation-id
8d5eb1a5-a49f-47f4-90e7-e69e4c0ea016
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 23:16:53 GMT
vary
origin, Accept-Encoding
x-amz-id-2
5CIWkOSD5+7eoc6CwUnt0oyUKdCBvkyugOLZMr80fBQdQw1ooSCt7I50zl4PYuT2HP0Ou+hQ9ZM=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-l4dxl
x-envoy-upstream-service-time
37
access-control-allow-credentials
false
x-amz-request-id
3XQ2RB0G16147Z6R
cf-ray
8f3a1eb7491ed9b8-AKL
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
collectedforms.js
js.hscollectedforms.net/
70 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/47561313.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bedirect.co.nz
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-request-id
87bb3a03-ef09-4665-a1c5-6c07a320679d
content-encoding
gzip
cf-cache-status
EXPIRED
x-amz-version-id
8IiNiFnnn0n9avBP.k8Mr32sZxpD8Dx_
etag
W/"ceb8bcb73e5536d8416735a3977d227a"
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
vqo8jjGkDF8kTyw_vUsh6HGo1mP1FWd9V1lj6CgB0irZGRrCGHyBMw==
x-hubspot-correlation-id
87bb3a03-ef09-4665-a1c5-6c07a320679d
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Dec 2024 13:03:17 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-hfrjc
x-envoy-upstream-service-time
35
x-hs-target-asset
collected-forms-embed-js/static-1.1112/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Tue, 17 Dec 2024 21:48:54 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.1112/bundles/project.js&cfRay=8efa5e6d0d1a1c5d-MEL
via
1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-ray
8f3a1eb73d141c54-AKL
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
banner.js
js.hs-banner.com/v2/47561313/
71 KB
27 KB
Script
General
Full URL
https://js.hs-banner.com/v2/47561313/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/47561313.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba5e8cf6b6bdce7c2d979228dc41fdfb92e9df915339b5cb15a364df45e0995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
1049dfa6-8f82-4e1a-949f-ab50d9ef7ee9
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"b8a954e49cb57a4be95d0bfd0d222688"
x-amz-version-id
TQ4DjRNrAYYSbvcNDXZtjMhaC5Q15vwS
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Tue, 17 Dec 2024 21:53:54 GMT
x-evy-trace-listener
listener_https
date
Tue, 17 Dec 2024 21:48:55 GMT
x-hubspot-correlation-id
1049dfa6-8f82-4e1a-949f-ab50d9ef7ee9
content-type
text/javascript; charset=UTF-8
last-modified
Mon, 30 Sep 2024 23:01:25 GMT
vary
origin, Accept-Encoding
x-amz-id-2
EZrXLASO6Zy1iw2TyliWn1r/fpnTfcYUbUC2zuCrOiEap+hCpkxzVfeCeYcXBjxg+T/1Fi6TMkA=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-ldpqz
x-envoy-upstream-service-time
166
access-control-allow-credentials
true
x-amz-request-id
AWHD92R8212C2A3Q
cf-ray
8f3a1eb74b2bd9b2-AKL
access-control-allow-origin
https://bedirect.co.nz
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A500%2C600%2C700%2Cregular%2C&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bedirect.co.nz
Referer
https://fonts.googleapis.com/

Response headers

age
255377
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 22:52:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 22:52:37 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A500%2C600%2C700%2Cregular%2C&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bedirect.co.nz
Referer
https://fonts.googleapis.com/

Response headers

age
257159
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 22:22:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 22:22:55 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A500%2C600%2C700%2Cregular%2C&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bedirect.co.nz
Referer
https://fonts.googleapis.com/

Response headers

age
257014
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 22:25:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 22:25:20 GMT
last-modified
Wed, 04 Dec 2024 06:53:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
event
plausible.io/api/
2 B
493 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1::1 , Australia, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-AUC1-1213 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-request-id
GBIVN3ndb9mEwKwXgP0F
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
text/plain; charset=utf-8
cdn-cachedat
12/17/2024 21:48:54
cdn-requestpullcode
202
cache-control
must-revalidate, max-age=0, private
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
81f13aa16f79a714f210368e6b366f54
access-control-allow-credentials
true
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
content-length
2
cdn-edgestorageid
1213
server
BunnyCDN-AUC1-1213
cdn-requestcountrycode
NZ
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=226434768&post=199&tz=12&srv=bedirect.co.nz&j=1%3A13.9.1&host=bedirect.co.nz&ref=&fcp=582&utm_source=dmail&rand=0.5254878591057575
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
image/gif
server
nginx
/
bedirect.co.nz/
7 KB
3 KB
Script
General
Full URL
https://bedirect.co.nz/?gdbc-client=3.1.43-1734472134303
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a35fa7e27b73f548ed9049b83e9422ab0de193aa6bf55ad1da44c57784b7e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOoKGGxh4CD75TJXJeDxmysX0zScgskEEtEt%2FH5F7Bd%2BbUKyp9LWS6gKnOcktQzgZV1IlEXMW1GU6UJv11O3NLQpQK5241zaIX3l7idC8TeA%2BMjV5ckU1H9ubtiHjvxqIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=0
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb78fc2d9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare
Direct-Print-and-Mail-Solutions-Logo@2x.png
bedirect.co.nz/wp-content/uploads/2022/05/
10 KB
11 KB
Image
General
Full URL
https://bedirect.co.nz/wp-content/uploads/2022/05/Direct-Print-and-Mail-Solutions-Logo@2x.png
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996a6e9e933228f2a5daa81ecbb661266fe56a46f73a5155f798c3b241681a43
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cf-cache-status
HIT
etag
"627d3fc6-28fd"
age
1814409
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Fflql6O82PLu%2Brf23ikO3RMzyfVyoV3TBASv4pUex2SRxQpE0NZPqdu6wRvspyHeUMJA7DUFzSOSj6SgDJ7mTKq7ESYMNOcTK3%2BrF%2FTsmygaioX5Y8Rr1pmD6I3IHFZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
image/png
last-modified
Thu, 12 May 2022 17:11:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb7afc4d9bb-AKL
accept-ranges
bytes
content-length
10493
x-xss-protection
1; mode=block
server
cloudflare
Josh-and-Revoria-CROP-HR.jpg
bedirect.co.nz/wp-content/uploads/2023/11/
160 KB
160 KB
Image
General
Full URL
https://bedirect.co.nz/wp-content/uploads/2023/11/Josh-and-Revoria-CROP-HR.jpg
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a384a905e163c32ff2bff84a27c4342c5fd716800966be05809e212f01c20c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cf-cache-status
HIT
etag
"65564682-27e03"
age
1591973
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0FroFlzHwNXsoQ8ojf7cenTc4ris9xbhs2j4CcwHIqf84SEu44HYFQJ0R3H4kDi5ybWsOfm52hGr4I5EZjfZr%2BixlTuwzJ3n0OEa1VRGGNEi%2BwWhjN7lxdr5yB69g5W5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
image/jpeg
last-modified
Thu, 16 Nov 2023 16:42:42 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1eb7afc5d9bb-AKL
accept-ranges
bytes
content-length
163331
x-xss-protection
1; mode=block
server
cloudflare
json
forms.hscollectedforms.net/collected-forms/v1/config/
136 B
636 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=47561313&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c0f488a59f713c9d20d9006a0db37bb6fc9bf88151f14393671c9bc84acb3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
a92f9ac1-efe4-4911-8107-a4eb0e1835d7
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Tue, 17 Dec 2024 21:48:54 GMT
x-hubspot-correlation-id
a92f9ac1-efe4-4911-8107-a4eb0e1835d7
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-9vk2x
x-envoy-upstream-service-time
10
cf-ray
8f3a1eb96e7a1c54-AKL
access-control-allow-origin
https://bedirect.co.nz
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
js
www.googletagmanager.com/gtag/
407 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SSGG6XWBV8&l=dataLayer&cx=c&gtm=457e4cc1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5592891-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae2648f573af82d59b70b0c36bab341bbf96c63b721a1e9f63dae729e743ae80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 17 Dec 2024 21:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134167
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5592891-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
gzip
age
1978
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 23:15:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:15:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbedirect.co.nz%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=593827831.1734472135&dt=Direct%20Mail%20and%20Digital%20Print%20Made%20Easy%20in%20Auckland%2C%20New%20Zealand&auid=1499542300.1734472135&navt=n&npa=0&gtm=45He4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734472134827&tfd=1236&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTRFF4K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

loader.js
www.gstatic.com/wcm/
6 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTRFF4K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
age
1690
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 22:20:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:20:45 GMT
last-modified
Wed, 20 Mar 2024 23:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
2133
x-xss-protection
0
server
sffe
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7F0F
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fbedirect.co.nz
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTRFF4K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
66053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 03:28:02 GMT
expires
Wed, 17 Dec 2025 03:28:02 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
418 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=293570965&t=pageview&_s=1&dl=https%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail&ul=en-nz&de=UTF-8&dt=Direct%20Mail%20and%20Digital%20Print%20Made%20Easy%20in%20Auckland%2C%20New%20Zealand&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=637554657&gjid=1149667047&cid=284285605.1734472135&tid=UA-5592891-3&_gid=1264480666.1734472135&_r=1&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=355573407
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://bedirect.co.nz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
call-tracking_9.js
www.gstatic.com/call-tracking/
62 KB
21 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_9.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
br
age
347045
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 21:24:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 21:24:50 GMT
last-modified
Mon, 22 Jan 2024 22:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges
bytes
content-length
20777
x-xss-protection
0
server
sffe
wcm
www.google.co.nz/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1040706729/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0&npa=0&ct_eid=2
  • https://www.google.co.nz/pagead/attribution/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0
80 B
110 B
XHR
General
Full URL
https://www.google.co.nz/pagead/attribution/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
87
date
Tue, 17 Dec 2024 21:48:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe

Redirect headers

location
https://www.google.co.nz/pagead/attribution/wcm?cc=ZZ&dn=093081510&cl=FxaTCIWQo-4BEKnZn_AD&dma=0
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://bedirect.co.nz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 17 Dec 2024 21:48:55 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SSGG6XWBV8&gtm=45je4cc1v879780929za200&_p=1734472134065&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=284285605.1734472135&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1734472135&sct=1&seg=0&dl=https%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail&dt=Direct%20Mail%20and%20Digital%20Print%20Made%20Easy%20in%20Auckland%2C%20New%20Zealand&en=page_view&_fv=1&_ss=1&tfd=1713
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSGG6XWBV8&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bedirect.co.nz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:55 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSGG6XWBV8&cid=284285605.1734472135&gtm=45je4cc1v879780929za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSGG6XWBV8&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bedirect.co.nz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:48:55 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 69C5
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-SSGG6XWBV8&gacid=284285605.1734472135&gtm=45je4cc1v879780929za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1680107462
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSGG6XWBV8&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bedirect.co.nz/?utm_source=dmail
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 21:48:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.nz/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSGG6XWBV8&cid=284285605.1734472135&gtm=45je4cc1v879780929za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=891473867
Requested by
Host: bedirect.co.nz
URL: https://bedirect.co.nz/?utm_source=dmail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 21:48:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-nz&bfp=4050520074&v=1.1&a=47561313&rcu=https%3A%2F%2Fbedirect.co.nz%2F&pu=https%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail&t=Direct+Mail+and+Digital+Print+Made+Easy+in+Auckland%2C+New+Zealand&cts=1734472135753&vi=39a38b4d5c9f4fb03c2a78e611a88d2e&nc=true&u=187354167.39a38b4d5c9f4fb03c2a78e611a88d2e.1734472135751.1734472135751.1734472135751.1&b=187354167.1.1734472135751&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

x-robots-tag
none
x-request-id
677383f6-d39a-4a99-a2c1-b28b5c2cfb6e
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jSwINhbygDeE4vDGrDdhtJA8%2F00igqPBGl8eJQcAbTiCymDFlmRWW1Qe4TLu7z2xH0TccC0%2FQSMQ%2B8e%2FOnPdylmAUS6g8kouqohjHyHFxWI1Rkr8xlQ%2FV%2BiAFjPrrt9RbrugL9%2BOJ%2Bf7BVOFaGg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Tue, 17 Dec 2024 21:48:56 GMT
x-hubspot-correlation-id
677383f6-d39a-4a99-a2c1-b28b5c2cfb6e
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-5tthw
x-envoy-upstream-service-time
6
access-control-allow-credentials
false
cf-ray
8f3a1ec10adcd9a2-AKL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
favicon.ico
bedirect.co.nz/
1 KB
1 KB
Other
General
Full URL
https://bedirect.co.nz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17510b908dcc4e19cf18572defcf1bc3a9ce7e4600a0466614912a87c63eb1b1
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bedirect.co.nz/?utm_source=dmail

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"60eadea8-47e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGHXkrf1DiSvxCdSwl4cJ02DvWfN3TilGywvXCcA5jLeoU7HCOCehMcoSrZ1alZ5XNWErYTdLAr1vhjp1Gnkzex0p2QJPsJx24KE6irKp3pB00We0NGC6aL06C4JcLVyjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 21:48:55 GMT
content-type
image/x-icon
last-modified
Sun, 11 Jul 2021 12:06:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8f3a1ec09fc7d9bb-AKL
x-xss-protection
1; mode=block
server
cloudflare

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wca object| wc_add_to_cart_params object| woocommerce_params object| wc_single_product_params object| dataLayer function| gtag function| wpBruiserDocReady object| mpc_ajax_object object| wc_order_attribution object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| jQuery object| _hsp object| _tkq function| plausible function| Dropzone function| default function| st_go function| linktracker_init object| wpcom function| r function| Bt object| n function| t object| Cookies function| Splide object| splide function| PhotoSwipe function| PhotoSwipeUI_Default object| sbjs object| AOS function| LazyLoad object| images object| iframes boolean| is_iframe object| rocket_lazy object| WPBruiserClient object| __hsCollectedFormsDebug object| _hsq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk object| gaplugins object| gaGlobal object| gaData object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran function| sanitizeKey boolean| _hstc_loaded function| jspbGetTypeName function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl function| onYouTubeIframeAPIReady string| google_wcc_status boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

25 Cookies

Domain/Path Name / Value
.hs-scripts.com/ Name: __cf_bm
Value: a0.Zrn.tztSVY94cCmXchVwS5UIsToiIDOLQY0Q2gDo-1734472134-1.0.1.1-fbk.I_gWEhKrqfq0E0xWPqJ0aAElWWPQ.Ujiwt8p0HUSIzMQ5dS2QroS9IleFdcO0mjXIM5lewrb4nkuZ7V3ug
.bedirect.co.nz/ Name: tk_or
Value: %22%22
.bedirect.co.nz/ Name: tk_r3d
Value: %22%22
.bedirect.co.nz/ Name: tk_lr
Value: %22%22
.bedirect.co.nz/ Name: sbjs_migrations
Value: 1418474375998%3D1
.bedirect.co.nz/ Name: sbjs_current_add
Value: fd%3D2024-12-17%2021%3A48%3A54%7C%7C%7Cep%3Dhttps%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail%7C%7C%7Crf%3D%28none%29
.bedirect.co.nz/ Name: sbjs_first_add
Value: fd%3D2024-12-17%2021%3A48%3A54%7C%7C%7Cep%3Dhttps%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail%7C%7C%7Crf%3D%28none%29
.bedirect.co.nz/ Name: sbjs_current
Value: typ%3Dutm%7C%7C%7Csrc%3Ddmail%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.bedirect.co.nz/ Name: sbjs_first
Value: typ%3Dutm%7C%7C%7Csrc%3Ddmail%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.bedirect.co.nz/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36
.bedirect.co.nz/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fbedirect.co.nz%2F%3Futm_source%3Ddmail
.bedirect.co.nz/ Name: _gcl_au
Value: 1.1.1499542300.1734472135
.bedirect.co.nz/ Name: _gid
Value: GA1.3.1264480666.1734472135
.bedirect.co.nz/ Name: _gat_gtag_UA_5592891_3
Value: 1
.hs-banner.com/ Name: __cf_bm
Value: 20XUaY9LhSRh_5xNuNz_aNwmKbASzwke1zD68oOk.lU-1734472135-1.0.1.1-5TJW1cHBxh3sHlOTUUwphKRsAeZnMvy05CI6bCkdWV0n3a06ueVwmEKvGm8qLG3xlmBOGkmzylZSciSkkCWukw
.hs-analytics.net/ Name: __cf_bm
Value: lIMbFWGIYNy6bSeZgKW0rBT7zcyYKkug__uNZ54nfDs-1734472135-1.0.1.1-0FsSwSfJbhrpt2fQw44e2aXBb.nkbD7nYrNnwhTtK_t1iCeEI.bdIvU4dk4yreEPp76C2qAvUzQGxu7rP.y86g
.bedirect.co.nz/ Name: _ga_SSGG6XWBV8
Value: GS1.1.1734472135.1.0.1734472135.60.0.0
.bedirect.co.nz/ Name: _ga
Value: GA1.1.284285605.1734472135
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bedirect.co.nz/ Name: __hstc
Value: 187354167.39a38b4d5c9f4fb03c2a78e611a88d2e.1734472135751.1734472135751.1734472135751.1
.bedirect.co.nz/ Name: hubspotutk
Value: 39a38b4d5c9f4fb03c2a78e611a88d2e
.bedirect.co.nz/ Name: __hssrc
Value: 1
.bedirect.co.nz/ Name: __hssc
Value: 187354167.1.1734472135751
.hubspot.com/ Name: __cf_bm
Value: hI2jvJI_XMC_3aAALbIRs8mJbrqk71VWboRsA09HnmU-1734472136-1.0.1.1-lV_0wTqDFpmdShywR_3NWBJiggkXop.6BQWdRSxBKbR9WTbgdOtL8vk_UhVQlRnYGssRQajfX07JQkYGVFQlYA
.hubspot.com/ Name: _cfuvid
Value: PAZnk_1PMm2R13qWkAf1lE252MR4CReKaONvolMwxaQ-1734472136101-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bedirect.co.nz
dmail.co.nz
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
pixel.wp.com
plausible.io
stats.g.doubleclick.net
stats.wp.com
td.doubleclick.net
track.hubspot.com
unpkg.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.21.80.1
142.250.66.227
172.217.167.68
172.217.167.98
172.217.167.99
172.67.129.72
192.0.76.3
2001:4860:4802:36::178
2001:4860:4802:36::181
2400:52e0:1::1
2404:6800:4003:c1c::9d
2404:6800:4006:810::2003
2404:6800:4006:812::2008
2404:6800:4006:813::2002
2404:6800:4006:813::200a
2606:4700:4400::ac40:9310
2606:4700::6810:6dfe
2606:4700::6810:7574
2606:4700::6810:8bd1
2606:4700::6811:afc9
2606:4700::6811:f5cb
17510b908dcc4e19cf18572defcf1bc3a9ce7e4600a0466614912a87c63eb1b1
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
18311caec15cd08f5d9370579d44d1b2fce4e96e65541c1e957bf054852f0e55
1eb11cd8213dae418b63923a8bdc82ec7b5605cf37c2ae75e6147b0cf09e135e
1eff027c2c4094148c7280d40bf6c6c2d6135bc8ba1554a78ca00f31d8660f77
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ba5e8cf6b6bdce7c2d979228dc41fdfb92e9df915339b5cb15a364df45e0995
3a384a905e163c32ff2bff84a27c4342c5fd716800966be05809e212f01c20c5
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
66f902b2ef17184188110c4a774dff12989d5e749949d3787b77e2095833f45e
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
75c64f6f6f587b4b76220acfba1c1d2f96c8b1d9c3b018df113c2c85a20b9ffe
79c0f488a59f713c9d20d9006a0db37bb6fc9bf88151f14393671c9bc84acb3f
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8b6b9a020bc5739dd80216e430f5b6efe7bdc63e7fbd529cb581cfba00319ad9
8cb3d1c9aec0a6f72d540615b87e692bbe75daf1edfdc0ea98cb81f6d9f8b92c
97b796472cf0177be5192861dcd6ef5e582947efe6cd7f77880cb7e8d86bab72
996a6e9e933228f2a5daa81ecbb661266fe56a46f73a5155f798c3b241681a43
9a2faeb8b1196b54dc518ac4868768083ec41b588ecb4f9c981903e0fc09314a
9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
a3a35fa7e27b73f548ed9049b83e9422ab0de193aa6bf55ad1da44c57784b7e2
a95211d667c4b9e0c001fa4403f730d1b90a6154fefd5657da4d961ef751a777
ae2648f573af82d59b70b0c36bab341bbf96c63b721a1e9f63dae729e743ae80
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdb53ed68974dceb0b0635060d9f9913cf5a4046abf3a6a82a5afc82b6e45550
cdbc86e3b016da7fe2edfa886cab9dd0a64c3ea9f515b0ea4e162b1fbe08b3df
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6644ae5353096b9455ad680c56ff592b2a719d1a59f6297d2b8217801c63971