duval.co.nz Open in urlscan Pro
2606:4700:20::681a:98b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://duvalpartners.co.nz/adobe-d15.zip
Effective URL:
https://duval.co.nz/investment-opportunities/
Submission: On February 16 via api (February 16th 2024, 10:41:33 pm UTC) from US — Scanned from US

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 24 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:98b, located in United States and belongs to CLOUDFLARENET, US. The main domain is duval.co.nz.
TLS certificate: Issued by E1 on January 18th 2024. Valid for: 3 months.

This is the only time duval.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:bc45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:b041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:1af1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:20:... 2606:4700:20::681a:98b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2600:141b:900... 2600:141b:9000::b857:ad39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:599a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.64.217.63 104.64.217.63	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	192.29.154.251 192.29.154.251	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	24

1 2606:4700:3036::ac43:bc45 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

duvalpartners.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:b041 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

duvalpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1af1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

duvalgroup.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:20::681a:98b (United States)

ASN13335 (CLOUDFLARENET, US)

duval.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000::b857:ad39 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f003:c0e:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:599a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.217.63 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-217-63.deploy.static.akamaitechnologies.com

img07.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.154.251 (Bungarribee, Australia) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s2137399.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f103:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	duval.co.nz duval.co.nz	1019 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 391 www.linkedin.com — Cisco Umbrella Rank: 643 px4.ads.linkedin.com — Cisco Umbrella Rank: 6482	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	76 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	270 B
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 5005 forms-na1.hsforms.com — Cisco Umbrella Rank: 8184	6 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2726	2 KB
2	eloqua.com 1 redirects s2137399.t.eloqua.com	1 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5270 forms.hscollectedforms.net — Cisco Umbrella Rank: 5379	26 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 177	305 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1036	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7671	307 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2825 js-na1.hs-scripts.com — Cisco Umbrella Rank: 7310	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	171 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4015	1 KB
1	en25.com img07.en25.com — Cisco Umbrella Rank: 568556	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2608	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3672	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2616	23 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	251 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 996	7 KB
1	duvalgroup.co.nz 1 redirects duvalgroup.co.nz	517 B
1	duvalpartners.com 1 redirects duvalpartners.com	467 B
1	duvalpartners.co.nz 1 redirects duvalpartners.co.nz	720 B
60	24

	Domain	Requested by
23	duval.co.nz	duval.co.nz static.cloudflareinsights.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	connect.facebook.net	duval.co.nz connect.facebook.net
3	www.facebook.com	duval.co.nz
2	track.hubspot.com
2	s2137399.t.eloqua.com	1 redirects duval.co.nz
2	forms.hsforms.com	js.hsforms.net duval.co.nz
2	analytics.google.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.hsforms.net	duval.co.nz js.hsforms.net
2	www.googletagmanager.com	duval.co.nz www.googletagmanager.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	forms-na1.hsforms.com	duval.co.nz
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	px4.ads.linkedin.com	duval.co.nz
1	www.linkedin.com	1 redirects
1	img07.en25.com	duval.co.nz
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	duval.co.nz
1	js.hs-scripts.com	duval.co.nz
1	duvalgroup.co.nz	1 redirects
1	duvalpartners.com	1 redirects
1	duvalpartners.co.nz	1 redirects
60	29

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.linkedin.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
duval.co.nz E1	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://duval.co.nz/investment-opportunities/
Frame ID: 3BCAF2CB5FDF7DF7DFECE34E4329E14B
Requests: 59 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js?ver=10.2.5
Frame ID: 4115F7BEFF10495D0AA0D2B84BD5F8F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investment Opportunities - Duval

Page URL History Show full URLs

http://duvalpartners.co.nz/adobe-d15.zip HTTP 301
https://duvalpartners.com/ HTTP 301
https://duvalgroup.co.nz/capital-funds/ HTTP 301
https://duval.co.nz/investment-opportunities/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

95 %
HTTPS

88 %
IPv6

24
Domains

29
Subdomains

24
IPs

2
Countries

1706 kB
Transfer

3888 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/duvalgroup/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/duvalgroup/?originalSubdomain=nz

Search URL Search Domain Scan URL

URL: https://www.facebook.com/duvalgroup

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCu7kgOJPsy5tLnx3RMMln4Q/videos?app=desktop&view=0&sort=dd&shelf_id=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://duvalpartners.co.nz/adobe-d15.zip HTTP 301
https://duvalpartners.com/ HTTP 301
https://duvalgroup.co.nz/capital-funds/ HTTP 301
https://duval.co.nz/investment-opportunities/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4077684%26time%3D1708123286778%26url%3Dhttps%253A%252F%252Fduval.co.nz%252Finvestment-opportunities%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true&e_ipv6=AQKWcgd-3-FAXQAAAY20FO9q4EipynL_8H7aGclOPQBLGvUB0SaVsq2ujUlTba4uvp8dyg

Request Chain 44

https://s2137399.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled HTTP 302
https://s2137399.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled&elqCookie=1

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
duval.co.nz/investment-opportunities/
Redirect Chain

http://duvalpartners.co.nz/adobe-d15.zip
https://duvalpartners.com/
https://duvalgroup.co.nz/capital-funds/
https://duval.co.nz/investment-opportunities/

302 KB
32 KB

1373ms
978ms

Document
text/html

2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3651715d01878b30ab267dca0f428d649bf8859f55d4ff5e856feb1a59970777

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 85694c4268b98dd2-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 22:41:25 GMT
link: <https://duval.co.nz/wp-json/>; rel="https://api.w.org/", <https://duval.co.nz/wp-json/wp/v2/pages/2286>; rel="alternate"; type="application/json", <https://duval.co.nz/?p=2286>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y42kU8CWZz4bGOsvKj5mKceVvwurMABxE6OnPHbilN0J7aGjKj8OiZ6xapDdR1DmSoSdw6Dic2tiTVQtmtTDrbIVCy82i2W5htqBIYlLF3wrKNmF4FETnyNn1M1ZOFWUs8tsmrt9n5H0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 85694c3f88458db8-MIA
date: Fri, 16 Feb 2024 22:41:24 GMT
expires: Fri, 16 Feb 2024 23:41:24 GMT
location: https://duval.co.nz/investment-opportunities/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kwXOGZDt4%2BI%2FLQJEFAvfKB88IcoubeBmabA8VSF%2FAwgnE8P6CyblQTifc8gSQPdlO16Nz2ffgByq%2Bsdl5ofFQ5C3pon%2Bli6i%2FAPfHv5Pl3NDZ44sEzJ36VZieyjMT8LtFaDSLf0Mb%2F%2BJIiBWWb7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
78 KB 289ms
113ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPQ3HS4

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79ebf0ef6e6aba97e322e95ce6466c7c00cba4ee6bace76157e87a7c69e9bd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78982
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 21:47:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 22:41:26 GMT

GET
BLOB 200
OK 1f989a2b-8db9-4044-9d46-a28aedd8dafb
https://duval.co.nz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://duval.co.nz/1f989a2b-8db9-4044-9d46-a28aedd8dafb
Requested by: Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 style.min.css
duval.co.nz/wp-includes/css/dist/block-library/ 108 KB
15 KB 151ms
151ms Stylesheet
text/css 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 06:59:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0An1ePQjODHFYZNCwJrPzJCroKV9VBMPe1aXGNQwqV5Ybn63fqpJ%2B4gXnA8DZeJiqxG94nJEoItPNgVG5fQFUKb%2FJRh5ZtmWBuJ94GLkbE3ndCePJKfNPdO%2F18%2FBgFTQ6r3Zk1%2BVdXy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85694c48f89d8dd2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
duval.co.nz/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 148ms
145ms Stylesheet
text/css 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=2859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 03:37:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BYG02TLgF8o3ScSnpjbcPuxL5YarnxkSQu%2BkiJx6Mf6khU8S7vTgkb8yaY70DKZrobRfoSVP74WKUnmY%2F6e923TPU4MeMXSr7IHFSQOdQyhZ7%2FXwBiPZWezyKBe1UPdt06EWN6%2BH8qJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85694c49997f8dd2-MIA

GET
H2 200 style.css
duval.co.nz/wp-content/themes/dvg-theme/ 205 KB
30 KB 226ms
223ms Stylesheet
text/css 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/themes/dvg-theme/style.css?ver=1708123285

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fded5370c10c4050b04511d765327cc490bb027a3a0b1d08b7cb59021eca171

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 23 Aug 2023 02:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvMUbATO35D5cGjSoss%2F4wP2JB90PEgaRmjvZloE6A1TNxG%2FOXSMHcD4iCSmpK2V%2FyBKtp245oyyUP4QcyVd%2F3686EX2Y5SL2u3v8Rytsp%2FhvDGhRxh5UNiVcMfecV%2FtIoM08rNsZwBt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85694c4999818dd2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
duval.co.nz/wp-includes/js/jquery/ 86 KB
31 KB 233ms
230ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2023 07:00:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7ENHeFhkWNZFfN28fVDMsywpaFnRdk%2FVNmt0leTFbBmaQKUbgUzkPcRYkN8vaRtGopXAQgEQdv9NVK47vyXrozej8MZGT%2FWbg%2FAVL%2BCrKRAnOkpPseAg0YPbjScTd1dsHbMzN7buGtb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85694c4999828dd2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
duval.co.nz/wp-includes/js/jquery/ 13 KB
5 KB 149ms
146ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 07:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olkj81JlScIbclSfPNtIvOV5K6y3HjstvHrBf0IocG6tBVMwR%2FdNLc9yk4FKZGKP8BKJgBv3Em8%2BMh71ydltBm%2BWU4dloE8kzRhLLUHFxRjenjuQqnDAwLibctcRTuFDagZq5s6ZqCTe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85694c4999848dd2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-duval-black.svg
duval.co.nz/wp-content/uploads/2023/01/ 1009 B
939 B 169ms
166ms Image
image/svg+xml 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duval.co.nz/wp-content/uploads/2023/01/logo-duval-black.svg

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31903cf6b338e0aa987c9597d776c466e89649106aea1a9c3e0afa7bd256e297

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Jan 2023 04:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=242jUCHKu%2BiH4FvzOJ2dyg66dR9pYT41xxBqDroOXUoX9nCKhDCnEEbk15G3Dzn6%2F85HdWK6GMitkQP%2FNKaVJ930SzcLvLMj4UjBw2ji3V%2BQ4uxvVxwx%2Bo7ZHmwwY6Fz6VMLvc%2Bmk08L"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85694c4999858dd2-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 icon-chevron-down.svg
duval.co.nz/wp-content/themes/dvg-theme/assets/images/ 466 B
781 B 265ms
264ms Image
image/svg+xml 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duval.co.nz/wp-content/themes/dvg-theme/assets/images/icon-chevron-down.svg

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7f742f413372540bb3e2d85fc6c002f234ace01a9a600dadb3a0728ec7f8d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Feb 2023 12:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BvUZwp0KxcDSVQtAvucuXSSNKuy7BORXF5TastkjgYkMCjl1PJHio8shec7iQHDDIQf5VscyCJbA%2FV%2BE5gu14U2aiSBPiurUYHh4aw1gkc%2FatCDP8x4FEi1XkHOYFk8tICeLllXu3sj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85694c4b3fd2b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Investment-Opportunity-2-1360x700-1-1920x988.jpg
duval.co.nz/wp-content/uploads/2023/02/ 141 KB
142 KB 141ms
140ms Image
image/jpeg 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duval.co.nz/wp-content/uploads/2023/02/Investment-Opportunity-2-1360x700-1-1920x988.jpg

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e340301e70ec3a682480588bcdb9eddf566deaa2e1f154e5ec33c2565a3c8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=153563
alt-svc: h3=":443"; ma=86400
content-length: 144389
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Feb 2023 10:03:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl%2Fpt2fGS6nZ9tnmmO85AlkypQcJWc5%2B3mxDCt%2BdPd35tLu0e2eYAsS50i5KcenHjfaJn9e2GJPoIKF%2BFExtPlGEc%2BQ1EB1ZLTCywa3Q02W5Ci%2ByKQr4x8szUfN32CO4t28hFmFdg0Yk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85694c49fd94b3f1-MIA

GET
H3 200 Investment-Opportunity-2-90x550-1.jpg
duval.co.nz/wp-content/uploads/2023/02/ 532 KB
532 KB 296ms
295ms Image
image/jpeg 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duval.co.nz/wp-content/uploads/2023/02/Investment-Opportunity-2-90x550-1.jpg

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2719868b3fb6c8d4249a539ba7f70149bd8aa8e53ebc9590dd173983933bf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=618168
alt-svc: h3=":443"; ma=86400
content-length: 544484
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Feb 2023 10:04:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwrhjG2qhWG2IKxwErZyx3caHDCEjgt9fKQdFmf73D7kn3XkwZtdzrhwksmGtqKqGRagGXAb1lRJw9aOfNmFkDPuA9kwLXuCeKshioF3PoNQibD6ozwillz2e56b8vc%2FklDsO2QTGOnd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85694c49fd95b3f1-MIA

GET
H3 200 style.css
duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 17 KB
4 KB 334ms
334ms Stylesheet
text/css 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997ef00c8246be7b9627e199d58857f84fbdf2ff1c114eb6b530486312fac760

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=21691
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 03:39:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfWbwH9D%2B%2B9jA1k8ub0LLnss9OjlISbYCHlAGlULAHurdFSe0POdWizQqoLx1fc4TMWsoQkrRvQx4sRkDvseY%2BdrafP%2FDovESOiQ3r6S4%2BwzHSIcuvPgPi%2BndcK4OHQBSqezljL4lg%2F4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85694c4aaedeb3f1-MIA

GET
H3 200 logo-duval-white.svg
duval.co.nz/wp-content/uploads/2023/01/ 1 KB
1 KB 257ms
256ms Image
image/svg+xml 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duval.co.nz/wp-content/uploads/2023/01/logo-duval-white.svg

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a899d3aceccdbfb2e62a40d1022b3731e79f3060c0418708c6cebef1c08aea77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Jan 2023 04:16:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAhshGy6zM%2Fp1VVPRdYzkidNfmtEqs5CL1kaA5cqO%2FzSFK72hQ6T8coFiTBCJjupaGBGfLDOb3hIb4cKT%2FFr2Ag2Vn%2FL48YVmcZSyUv3xopH%2BdsVAVJX6nq1j8ewvRZgyiOFWhQ%2B7hqH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85694c4b3fc3b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.min.css
duval.co.nz/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 58 KB
13 KB 258ms
255ms Stylesheet
text/css 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.7.3.1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 03:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSt3pi2q81L7wMFcNtZGhuHNLyzx%2BPowfxqTmDNrrQeEDYuM3tqdmzlsHiI0FNmWcmXiat7IgIhD8s%2BRD0%2Fq%2B%2F2BC%2BHtB9dCuzKKaFRuNIGDHRaGdNL2Qe2Akc5A48llYvLNLFlJ9CxG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85694c4b3fc8b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
duval.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 261ms
258ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 18:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65cbb0fd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i26upvJHhhCxTXH8qkItO8n4nlV2iuXdoWsHVXOalpbVhIC4MLnc4nclUNvV5kqLAYHXsh4hXo88z8pWY3b5vAReAJAmI%2FMNk1T5lKtLPAr%2BOLLXKGD9fvKwgKGEkWOT3B9Tt6U0DFPL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85694c4b3fccb3f1-MIA
expires: Sun, 18 Feb 2024 22:41:26 GMT

GET
H3 200 jquery.waypoints.min.js Show response
duval.co.nz/wp-content/plugins/bb-plugin/js/ 9 KB
3 KB 263ms
261ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js?ver=2.7.3.1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 03:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5iSeLKQDtQG0Lv0inX9ViWuPqCdW9TE2iWdMsTRcTHI6RxTV6FxTfpUWHu48Y%2BKWgpITnoBf4rm%2FTAl0WfjLVHJM55Ue%2FAYxjX5CFKrdS5erkEPmjxfBJXWQjMMYvmVZ%2FWyFx5ftYNS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85694c4b3fcdb3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
duval.co.nz/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 264ms
262ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.2

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 03:37:19 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rut8tvTjIgjnDNLrPoqvG548TGJP33xrAKJLTF5KrEqUA%2F4q1CKnmu3WWOGV7bM5QyO2qCsq0vhMWbUfYf52pGyhy9tsZHX%2Ffpidx2QmEYr0QPShGomqrGJva3YbNc8vWj2zZbts2Hpt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
cache-control: max-age=14400
cf-ray: 85694c4b3fceb3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
duval.co.nz/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 264ms
262ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 03:37:19 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YxJYdgnt%2BxdyfGAjq1l4GVPsk2G4ls1QUe92DFJc%2F1ZClMam4cruKF8D8Tjj8LEfDplTo6gINC2S%2BK7PCx81vljklvbZEwhZEZoCymXgT%2Fq2SB9zHhJaycn%2BvV85X6rwRx1xdd2b6t3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
cache-control: max-age=14400
cf-ray: 85694c4b3fd0b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 39926733.js Show response
js.hs-scripts.com/ 2 KB
1 KB 218ms
111ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/39926733.js?integration=WordPress&ver=10.2.5

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47edcad45c3db5568c11b098277e45d76db87b070831a73baa5161ecee9912b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9778f308-ec5b-4ac6-b3c0-418a8c376de5
x-envoy-upstream-service-time: 18
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9778f308-ec5b-4ac6-b3c0-418a8c376de5
last-modified: Fri, 16 Feb 2024 22:41:26 GMT
server: cloudflare
x-trace: 2B8A11108980154DA3E087D4E6F3CD9F94BA84CA06000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://duval.co.nz
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-lxdtv
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 85694c4bd9ee0291-MIA
expires: Fri, 16 Feb 2024 22:42:56 GMT

GET
H3 200 functions.js Show response
duval.co.nz/wp-content/themes/dvg-theme/assets/js/ 8 KB
3 KB 264ms
263ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/themes/dvg-theme/assets/js/functions.js?ver=1708123285

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565d2de912355cbf6683fcc7d3470ca1eb5aad3768dd5880a0f8eb5bd3577ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 22:28:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEeUupauwecFLtWIs0cMuKTEPTOkaBoqSWbH0wny3jDUPdadGiC0Opk7Asr2gJFjO50pH23oMLKS8snEdOqOcQ377lmwLAgKGDwObizkdN2ZmgKJVYrkSDqc8UVGsn9DhZ00vpiFE1Cm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85694c4b3fd1b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 481 KB
154 KB 235ms
117ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js?ver=10.2.5

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bce3c69009ee89078e9eed1305d9e6df0ff6ca83bd3fdab59ee0ba03e23b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4708/bundles/project-v2.js&cfRay=85694c4be8cf220f-MIA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6c024a19bf6fceb0d8b66919507353ec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4708/bundles/project-v2.js
date: Fri, 16 Feb 2024 22:41:26 GMT
x-amz-version-id: K1IDq5oXgFf6Gf.V6vMhXddDfxNDLbE_
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e95da977-72af-4c16-998d-f5b3547a9d81
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e95da977-72af-4c16-998d-f5b3547a9d81
last-modified: Thu, 15 Feb 2024 14:03:45 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3YXmu10kaY4NMrkQd7jHwb62WxesysPLDn6u4uHVSeKs6TNrYs0cHMP03slAoN5cKx4CLUsuwL66z5kKcjASbIUtRlUK4Rf%2Bv7w93okrQMqW2cvkIHHA7m%2FREA9tq3Tb%2FATCI%2FKCtyo1K7u"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-267kd
cf-ray: 85694c4be8cf220f-MIA
x-amz-cf-id: R0PMvZkGB2zjapkesrGNqLqURJUs4pE_IZ5MQmYpc3vcihQA8x8jMA==

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 209ms
91ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://duval.co.nz/
Origin: https://duval.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85694c4beed82281-MIA

GET
H3 200 BeausiteClassicWeb-Clear.woff2
duval.co.nz/wp-content/themes/dvg-theme/assets/fonts/ 72 KB
72 KB 256ms
256ms Font
font/woff2 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/themes/dvg-theme/assets/fonts/BeausiteClassicWeb-Clear.woff2

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/wp-content/themes/dvg-theme/style.css?ver=1708123285

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f37afeae07aa503461e4c4f3b035091550445275260bc498a49607570afd0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://duval.co.nz/wp-content/themes/dvg-theme/style.css?ver=1708123285
Origin: https://duval.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 12 Feb 2023 12:21:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FYGp8rpR2QGIgR5E0p%2FxWufemrNQ1rzIP117OVM0r%2B1P0hWWqD6eq36PIQJyOBZ35ZVqcavvaQ5Q98w1nlIOwU3GgbdwKrRMHXTX%2BbtlBNzIuupP38YBFDki%2F1P4KG5%2B96tcC5%2Ff3Wy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85694c4b4fe1b3f1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 73572

GET
H3 200 BeausiteClassicWeb-Bold.woff2
duval.co.nz/wp-content/themes/dvg-theme/assets/fonts/ 72 KB
73 KB 263ms
263ms Font
font/woff2 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/themes/dvg-theme/assets/fonts/BeausiteClassicWeb-Bold.woff2

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/wp-content/themes/dvg-theme/style.css?ver=1708123285

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb77042674bb75cfa249507dfd01dd0f414097f250464fc15ee0e1306a6e76e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://duval.co.nz/wp-content/themes/dvg-theme/style.css?ver=1708123285
Origin: https://duval.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 12 Feb 2023 12:21:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B7jSUFw57MljMtNg1r8NMTa%2BswJF035ektOTDoJrhObtHEbHe1O2wy50m%2Fde06GxMgFqz8cBVLuBPPRrWxZxYMZDW8cTKTJLFHtVJp5kU8AoajvfJb9FFENjmGJ21zfbiTt%2Fy1e80Ze"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85694c4b4fe5b3f1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 73900

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
93 KB 115ms
113ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NR7WL9MJ0B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPQ3HS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3048cef996b5042f41db162487a2dde4c1ad033c49a939dbe4d18e643c4dd56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 22:41:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 277ms
79ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPQ3HS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2984
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 16 Feb 2024 23:51:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
834 B 291ms
83ms Script
application/javascript 2600:141b:9000::b857:ad39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPQ3HS4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::b857:ad39 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 10:51:32 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=29237
accept-ranges: bytes
content-length: 624

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 273ms
77ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Feb 2024 22:41:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: bM5Mvzwp/+HVEBF6/x5kIWzp0EPJtz5aMi0gU0vUYjIF2tuiQyI5+VxpI05Q+zJhSTumAUOozOgUB0S5yMFcaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 692ms
94ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NR7WL9MJ0B&gtm=45je42e0v9103487597z89103458267za200&_p=1708123285837&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=526261746.1708123287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708123286&sct=1&seg=0&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&dt=Investment%20Opportunities%20-%20Duval&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3185
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NR7WL9MJ0B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 22:41:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://duval.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 237ms
83ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NR7WL9MJ0B&cid=526261746.1708123287&gtm=45je42e0v9103487597z89103458267za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NR7WL9MJ0B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 22:41:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://duval.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ultimate-Icons.ttf
duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 91 KB
47 KB 143ms
143ms Font
font/ttf 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://duval.co.nz/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.1
Origin: https://duval.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 03:39:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAdrh2KmgRT%2F28LUk6Aao4hSiPoD5gFafPs7T37BHwwsdgekV44IJnQky2SnKyxeuX6tlbeu%2FOkNXSmJ0yOjc4mBggEtKfCyEQTCiD%2BWLgHIi29htzran45gJFisERQf0wkTOPeIHQRn"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 85694c4d6b88b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/39926733/ 69 KB
23 KB 348ms
237ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/39926733/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39926733.js?integration=WordPress&ver=10.2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3173358deb4bcf8600b0c52e5368d49555f1da81e01e3cf89be823e40b4cea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
x-amz-version-id: FRhzPsYexOt9FBqECfMfiud2w4sFZ3hI
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1C4DMJCF2KZYGE8R
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8c86ab25-0c5e-4198-a109-9180adcedf16
x-envoy-upstream-service-time: 37
x-amz-id-2: IEQl3hy69UxRld0Bj1Cf/+K7yarx3E29Bufunm6bVEs4s5vILMtCcsvlP+BceXsIDTGsj5PDmO4=
x-evy-trace-listener: listener_https
x-request-id: 8c86ab25-0c5e-4198-a109-9180adcedf16
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 13 Feb 2024 19:31:24 GMT
server: cloudflare
etag: W/"527d319f0805dd2e88204f87b077d75a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://duval.co.nz
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-hgmm2
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 85694c4e39d3b3e6-MIA
expires: Fri, 16 Feb 2024 22:46:26 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 169ms
62ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39926733.js?integration=WordPress&ver=10.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa97d5a93f1d1e252fd0259295827c1a0713d434e3acbd2e33786adfceb534ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
x-amz-version-id: isGrj7bsJKQyiYsmde6FQimVS.PTJSF2
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 378
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.522/bundles/pixels-release.js&cfRay=8569430f4a4b8da8-MIA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: ebf2ff4e-e74b-4ea0-a9cf-9f1a647768b6
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ebf2ff4e-e74b-4ea0-a9cf-9f1a647768b6
last-modified: Thu, 15 Feb 2024 14:51:53 UTC
server: cloudflare
etag: W/"b058f364a6909ff145f5780315cd5784"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-ln7lm
cf-ray: 85694c4e3a778da3-MIA
x-amz-cf-id: SyezXFbcgOOUk02nc5TbqWFYYHhiLhwSCkNlNaIatThNVO4HLPEN1Q==
x-hs-target-asset: adsscriptloaderstatic/static-1.522/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 202ms
91ms Script
application/javascript 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39926733.js?integration=WordPress&ver=10.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://duval.co.nz/
Origin: https://duval.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f690f818-953c-4f0c-aadc-c5a5ab2fcd9d
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=85694c4e3f0eb3ef-MIA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f690f818-953c-4f0c-aadc-c5a5ab2fcd9d
last-modified: Wed, 03 Jan 2024 09:59:36 UTC
server: cloudflare
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-qr57v
cf-ray: 85694c4e3f0eb3ef-MIA
x-amz-cf-id: HbUZsA7P7HG6zsAKDpIV7XU29xdJOL0J8HGbbqpldk1vQB-7atOuJg==
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js

GET
H2 200 39926733.js Show response
js.hs-analytics.net/analytics/1708123200000/ 66 KB
21 KB 238ms
132ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1708123200000/39926733.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39926733.js?integration=WordPress&ver=10.2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af81839d8859163fce84739278fef3969a4a2e29ee81a6cf2735e1615bb71858

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1C4EZX69M58VJCTS
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9d4f704d-ed75-4609-96c1-9b7f0fe3fba3
x-envoy-upstream-service-time: 34
x-amz-id-2: vuxL5lFwTPlNMXaZRru6LHGCATCaHj3KBDnJPxydfmhpkAIKxXd0qySKS2Rsw27xU9uas1slZqZu/1+LBBIXJA==
x-evy-trace-listener: listener_https
x-request-id: 9d4f704d-ed75-4609-96c1-9b7f0fe3fba3
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 17:27:29 GMT
server: cloudflare
etag: W/"d9c4f7299334b558012069af8eb9782a"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 85694c4e3f6625a6-MIA
expires: Fri, 16 Feb 2024 22:46:26 GMT

GET
H3 200 wp-emoji-release.min.js Show response
duval.co.nz/wp-includes/js/ 18 KB
5 KB 173ms
172ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/investment-opportunities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 19:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLFS9ns8IWx7D0FAohQQSyqu1m%2F2V4QGDY2NZ9faeLHRgbh1PvcIlW5iyValMP9ZsGdtfYXXUoWoelV9nUY5h6ItwAlF%2F2q2e2IaAw2P5Rho6W70G2mgc7Wdzf7e35vRfTBZUtfazDTk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85694c4dec68b3f1-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK elqCfg.min.js Show response
img07.en25.com/i/ 6 KB
3 KB 282ms
85ms Script
application/x-javascript 104.64.217.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img07.en25.com/i/elqCfg.min.js

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.64.217.63 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-217-63.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 16 Feb 2024 22:41:26 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 09 Jan 2024 21:54:29 GMT
ETag: "20f7706b4643da1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 16 Feb 2024 22:41:26 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 80ms
80ms Script
application/javascript 2600:141b:9000::b857:ad39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::b857:ad39 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 10:51:31 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=26970
accept-ranges: bytes
content-length: 15732

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/39926733/fdabdeac-d6ff-4343-a1d4-1bbac1317af8/ 14 KB
4 KB 265ms
147ms XHR
application/json 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/39926733/fdabdeac-d6ff-4343-a1d4-1bbac1317af8/json?hs_static_app=forms-embed&hs_static_app_version=1.4708&X-HubSpot-Static-App-Info=forms-embed-1.4708

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=10.2.5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c906c394f9965e61d5c076e4a46d50826f0e404fa06c8098a9e6c134a0ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://duval.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Fri, 16 Feb 2024 22:41:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: a3e751a5-f9d0-4956-80a3-7c124c79457c
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 21
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3e751a5-f9d0-4956-80a3-7c124c79457c
Server: cloudflare
X-Trace: 2BF9AF4A8AA60D9AAE71B91AC873F45B3BA0D40BC8000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://duval.co.nz
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 85694c4eafbb4bfc-MIA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-bbxhh

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 93ms
93ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=48458705&t=pageview&_s=1&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&ul=en-us&de=UTF-8&dt=Investment%20Opportunities%20-%20Duval&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=805272696&gjid=784193799&cid=526261746.1708123287&tid=UA-233001486-2&_gid=366167413.1708123287&_r=1&_slc=1&gtm=45He42e0n81TPQ3HS4v9103458267za200&gcd=13l3l3l3l1&dma=0&z=277297993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://duval.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 22:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://duval.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 416162233813192 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 179ms
177ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/416162233813192?v=2.9.147&r=stable&domain=duval.co.nz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f7fd712ca59a4974a3e696bde5bb01ed022c9c94c1f27645cecab862dcd67d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Feb 2024 22:41:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: NMz5FpGhVkRLInpkUvT87aPdDe2oxBAu2L2Loou1B429x9Y2+vv1WXo9twz+vqbrBLXAYrEumk8sQwIEWSDK8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4077684%26time%3D1708123286778%26url%3Dhttps%253A%252F%252Fduval.co.nz%252Finvest...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true&e_ipv6=AQKWcgd-3-FAXQAAAY20FO...

0
489 B

268ms
154ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true&e_ipv6=AQKWcgd-3-FAXQAAAY20FO9q4EipynL_8H7aGclOPQBLGvUB0SaVsq2ujUlTba4uvp8dyg
Requested by: Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:27 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7064AF0DFBBB4E7C91852F5FE8D74F72 Ref B: MIA301000108023 Ref C: 2024-02-16T22:41:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRh3HLAzOZOtArDL/Ztg==

Redirect headers

date: Fri, 16 Feb 2024 22:41:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 19B09E06DE2C44D7864DFD894A4A7F1E Ref B: MIA301000101017 Ref C: 2024-02-16T22:41:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077684&time=1708123286778&url=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&cookiesTest=true&liSync=true&e_ipv6=AQKWcgd-3-FAXQAAAY20FO9q4EipynL_8H7aGclOPQBLGvUB0SaVsq2ujUlTba4uvp8dyg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRh3HHGvca2iotm/JLMg==

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
428 B 116ms
96ms XHR
application/json 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=39926733&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f74110834ae8c19eff27761ccbec1901e1f4d5da4bf9fa3ef4bf27dd7256b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://duval.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: deb5ec95-b9dd-4cff-a239-da385d03f345
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: deb5ec95-b9dd-4cff-a239-da385d03f345
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://duval.co.nz
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-scqj6
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 85694c4f289cb3ef-MIA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 4115 481 KB
153 KB 65ms
64ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js?ver=10.2.5

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=10.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bce3c69009ee89078e9eed1305d9e6df0ff6ca83bd3fdab59ee0ba03e23b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: br
age: 1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4708/bundles/project-v2.js&cfRay=85694c4be8cf220f-MIA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6c024a19bf6fceb0d8b66919507353ec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4708/bundles/project-v2.js
date: Fri, 16 Feb 2024 22:41:27 GMT
x-amz-version-id: K1IDq5oXgFf6Gf.V6vMhXddDfxNDLbE_
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e95da977-72af-4c16-998d-f5b3547a9d81
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e95da977-72af-4c16-998d-f5b3547a9d81
last-modified: Thu, 15 Feb 2024 14:03:45 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZU2If%2FoSYGD1sltZO4kqrNC1vDpWWucXb4Lxon45QOj8NlM%2Fub7Bf%2FDa4%2BWxzI9P7QcYzu6Zxe1HvON2pV4ZFHeIFUsNNAQmFS8s22LY%2Bh2WFZO1I0Ex9h4cncrwwy4c68I0yGzpqHeGFfl"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-267kd
cf-ray: 85694c4fbcf7220f-MIA
x-amz-cf-id: R0PMvZkGB2zjapkesrGNqLqURJUs4pE_IZ5MQmYpc3vcihQA8x8jMA==

GET
H/1.1

200
OK

svrGP.aspx
s2137399.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2137399.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled
https://s2137399.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled&elqCookie=1

49 B
448 B

375ms
374ms

Image
image/gif

192.29.154.251
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2137399.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled&elqCookie=1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

HTTP/1.1

Server

192.29.154.251 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 16 Feb 2024 22:41:27 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 16 Feb 2024 22:41:27 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: https://s2137399.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2137399&ref2=elqNone&tzo=600&ms=972&optin=disabled&elqCookie=1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 270
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 269ms
77ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416162233813192&ev=PageView&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&rl=&if=false&ts=1708123286993&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708123286991.1780925348&cs_est=true&ler=empty&cdl=API_unavailable&it=1708123286769&coo=false&exp=e1&rqm=GET

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Feb 2024 22:41:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 184 B
1 KB 271ms
139ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=39926733

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ca8c212b8de5d3e753137f7e3eb360f9d4f581ed804800be3fc72e9380bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 116baf21-f298-4fe1-9101-ee0faf7e90da
content-encoding: br
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 116baf21-f298-4fe1-9101-ee0faf7e90da
server: cloudflare
x-trace: 2B9E6140808371DC625109C46C0BD6CF09F510F78C000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://duval.co.nz
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-fs6xl
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0j877xDTkbfX1j4iYjg4XQr9BmNVnFpyGqEDQyjy5BP1vpCqKMEXXDFy7lLvJvSqd6iVCQ%2BUyQgQng%2FGwhs9vlzKlyg5%2FlOW%2Bb%2BysNObnc66qr86Jf3WfyVZ5pOhnx4IkKx6JhmlVTRZOr3"}],"group":"cf-nel","max_age":604800}
cf-ray: 85694c50c9027498-MIA
access-control-allow-headers: *

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 170ms
114ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a5e22921-a16d-4719-b8b3-095dbc55759e
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a5e22921-a16d-4719-b8b3-095dbc55759e
server: cloudflare
x-trace: 2B2857D852F1774ECBCFDFE181C892768F4E2555F6000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-ndvzs
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 85694c50fb69336a-MIA

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1015 B 235ms
102ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: duval.co.nz
URL: https://duval.co.nz/investment-opportunities/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 22:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 8badc590-bd5d-47e5-addd-86c8306a2aac
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8badc590-bd5d-47e5-addd-86c8306a2aac
Server: cloudflare
X-Trace: 2B919F92ACE967488BE10780B83559AF0612D14741000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-9285z
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 85694c51bef95c66-MIA

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 142ms
141ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://duval.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Feb 2024 22:41:27 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 603A4025D5FE42289BE6CC672E0A6FAE Ref B: MIA301000101017 Ref C: 2024-02-16T22:41:27Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://duval.co.nz
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYRh3HNcwGUN7BwsinhfA==

GET
H3 200 1051272715888670 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 168ms
167ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1051272715888670?v=2.9.147&r=stable&domain=duval.co.nz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44026fd7c084f1b7f12bed7fb994274ba5fd2a1a8e5d3976e11ef91176177e2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Feb 2024 22:41:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: ODgbbsY4BULeasEDXFCjBMg596elvfExpHqf33uLGYCZKQsmeAH27K5rDYpJQnxm8h6BoT7VmyfCDwTSAStQdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 39926733.js Show response
js-na1.hs-scripts.com/ 2 KB
796 B 150ms
149ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/39926733.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1708123200000/39926733.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47edcad45c3db5568c11b098277e45d76db87b070831a73baa5161ecee9912b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 64652173-bb24-49f4-aa2c-e01ae5970bf6
x-envoy-upstream-service-time: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 64652173-bb24-49f4-aa2c-e01ae5970bf6
last-modified: Fri, 16 Feb 2024 22:41:28 GMT
server: cloudflare
x-trace: 2B9260145F985F9C2010686C87C5B6139E112DB26A000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://duval.co.nz
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-mjtnw
access-control-allow-credentials: true
cf-ray: 85694c587b190291-MIA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
747 B 266ms
159ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=942398903&v=1.1&a=39926733&ct=standard-page&rcu=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&pu=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&t=Investment+Opportunities+-+Duval&cts=1708123288354&vi=779776c8ff978fa75cb05db6173da846&nc=true&u=143351978.779776c8ff978fa75cb05db6173da846.1708123288350.1708123288350.1708123288350.1&b=143351978.1.1708123288350&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ecb13bb3-b718-409a-862c-b2141b558735
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 61
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ecb13bb3-b718-409a-862c-b2141b558735
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCas%2B72CBlRCD8%2BavlvfgaN4aaBVIz8AwB%2FEUqkjUwUPzWh01pHeZnTBfDLOyvA0s86HpZHigRQjjWPKnNB%2FbA3D9ZcQnUKv3k551s%2FAxJsmA582iuQ1gsykGIQj1T9Fa5FylpOO7R9NNra9iozp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-k2d59
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85694c591f188dd9-MIA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 208ms
109ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=fdabdeac-d6ff-4343-a1d4-1bbac1317af8&fci=6f0528e7-bc6a-4738-b749-db2a4dd732f2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=942398903&v=1.1&a=39926733&ct=standard-page&rcu=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&pu=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&t=Investment+Opportunities+-+Duval&cts=1708123288360&vi=779776c8ff978fa75cb05db6173da846&nc=true&u=143351978.779776c8ff978fa75cb05db6173da846.1708123288350.1708123288350.1708123288350.1&b=143351978.1.1708123288350&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d2b2bc70-8c88-48a5-aa56-73f3eeae08ea
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 14
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d2b2bc70-8c88-48a5-aa56-73f3eeae08ea
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgbK6MBa%2BM9FiwXVKNYI92Ry0HNX%2F%2Fo8Ii0O7fTHCvCBw%2B7mkpAKwRYoEzyNxxnDo4wdaU7LVQTpl9FJ7CpAyAkTQeGhMzozGOu1uXsZum1fWo4mmWoLu2XXIHUWqcuqL%2B%2BhJpHbnw3jvdmmBuFc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-zrmfx
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85694c591f1a8dd9-MIA
x-robots-tag: none

POST
H3 204 rum Show response
duval.co.nz/cdn-cgi/ 0
138 B 113ms
110ms XHR
text/plain 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duval.co.nz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://duval.co.nz/investment-opportunities/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: application/json

Response headers

date: Fri, 16 Feb 2024 22:41:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://duval.co.nz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85694c588856b3f1-MIA

GET
H3 200 1405187070323059 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 174ms
173ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1405187070323059?v=2.9.147&r=stable&domain=duval.co.nz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30c429efa39158fe7eb880607aa4c33a6fe074a82b23408cd6579b70f4f55595

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Feb 2024 22:41:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: KrxKahbB4Wm8gaxIENTc+shrUq9hZnJhKM2Kk2IeFNWfDUXZDUdOCx8gZVKk559dNUv1gz9OUxroTyVH6j1LmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 79ms
78ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1051272715888670&ev=PageView&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&rl=&if=false&ts=1708123288708&sw=1600&sh=1200&ud[external_id]=779776c8ff978fa75cb05db6173da846&v=2.9.147&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1708123286991.1780925348&ler=empty&cdl=API_unavailable&it=1708123286769&coo=false&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Feb 2024 22:41:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 79ms
78ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1405187070323059&ev=PageView&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&rl=&if=false&ts=1708123288710&sw=1600&sh=1200&ud[external_id]=779776c8ff978fa75cb05db6173da846&v=2.9.147&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1708123286991.1780925348&ler=empty&cdl=API_unavailable&it=1708123286769&coo=false&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Feb 2024 22:41:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 95ms
93ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NR7WL9MJ0B&gtm=45je42e0v9103487597za200&_p=1708123285837&gcd=13l3l3l3l1&npa=0&dma=0&cid=526261746.1708123287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708123286&sct=1&seg=0&dl=https%3A%2F%2Fduval.co.nz%2Finvestment-opportunities%2F&dt=Investment%20Opportunities%20-%20Duval&en=scroll&epn.percent_scrolled=90&_et=24&tfd=8212
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NR7WL9MJ0B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duval.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 22:41:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://duval.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.duval.co.nz/	1970-01-21 04:04:43	Name: _ga_NR7WL9MJ0B Value: GS1.1.1708123286.1.0.1708123286.60.0.0
.duval.co.nz/	1970-01-21 04:04:43	Name: _ga Value: GA1.3.526261746.1708123287
.duval.co.nz/	1970-01-20 18:30:09	Name: _gid Value: GA1.3.366167413.1708123287
.duval.co.nz/	1970-01-20 18:28:43	Name: _gat_UA-233001486-2 Value: 1
.duval.co.nz/	1970-01-20 20:38:19	Name: _fbp Value: fb.2.1708123286991.1780925348
.linkedin.com/	1970-01-20 20:38:19	Name: li_sugr Value: 260bd013-a5dd-4d5a-973d-b7e24757bf06
.linkedin.com/	1970-01-21 03:14:19	Name: bcookie Value: "v=2&26621d8a-a893-4097-84f8-7b3a2d401c11"
.linkedin.com/	1970-01-20 18:30:09	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3133:u=1:x=1:i=1708123286:t=1708209686:v=2:sig=AQE5cTLLYEXNWOiObSFkMW8nXflVCNmD"
.linkedin.com/	1970-01-20 19:11:55	Name: UserMatchHistory Value: AQIcpn3o30rxcgAAAY20FO5PqtkGw7Bv2aXHw-FoFKx_TSz0f9i2_XzJD60LPZoa1eCtE-n8w2zO9A
.linkedin.com/	1970-01-20 19:11:55	Name: AnalyticsSyncHistory Value: AQIF2SV1QUMWLAAAAY20FO5QSZLjM4ixCP_DbjACgvTRkP2Q_MWIXGj4h6MEfXU0fZv3wcF3ip4s5o87H3477Q
.www.linkedin.com/	1970-01-21 03:14:19	Name: bscookie Value: "v=1&202402162241279109af72-6141-471e-84d6-a63ece4ac26bAQECvLVPziK8u6AbnK5CTNatqj7nGiMf"
.eloqua.com/	1970-01-21 03:56:01	Name: ELOQUA Value: GUID=4B1F0CB8A66042E1A5490AD0614A3915
.eloqua.com/	1970-01-21 03:56:01	Name: ELQSTATUS Value: OK
.duval.co.nz/	1970-01-20 22:47:55	Name: __hstc Value: 143351978.779776c8ff978fa75cb05db6173da846.1708123288350.1708123288350.1708123288350.1
.duval.co.nz/	1970-01-20 22:47:55	Name: hubspotutk Value: 779776c8ff978fa75cb05db6173da846
.duval.co.nz/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.duval.co.nz/	1970-01-20 18:28:45	Name: __hssc Value: 143351978.1.1708123288350
.hubspot.com/	1970-01-20 18:28:45	Name: __cf_bm Value: 7NHSnv3STL3yudmXHUF75O2ahEpHvaXtEpe4LCAR9AE-1708123288-1.0-AfX/7ycSXdC3v0BszTwI53qFCSUZSbUmj4VedQshwd+zxPKYnpAvIF1/ahxWa6RMWcSOHhqj71Ifu1xyQrqwDf4=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: noTIa0ZEVbvW8xFwPvuncycjLts0nIyI7RLavdbtMo4-1708123288607-0.0-604800000

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/416162233813192?v=2.9.147&r=stable&domain=duval.co.nz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duval.co.nz/investment-opportunities/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
connect.facebook.net
duval.co.nz
duvalgroup.co.nz
duvalpartners.co.nz
duvalpartners.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
img07.en25.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
s2137399.t.eloqua.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
104.64.217.63
13.107.42.14
192.29.154.251
2600:141b:9000::b857:ad39
2606:4700:20::681a:98b
2606:4700:3032::6815:1af1
2606:4700:3036::ac43:b041
2606:4700:3036::ac43:bc45
2606:4700:4400::ac40:991b
2606:4700::6810:3865
2606:4700::6810:4fba
2606:4700::6810:88ce
2606:4700::6810:be59
2606:4700::6811:599a
2606:4700::6811:c9cc
2606:4700::6811:cff9
2606:4700::6811:e6a3
2606:4700::6812:c07d
2606:4700::6813:9a53
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2008
2620:1ec:21::14
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f7fd712ca59a4974a3e696bde5bb01ed022c9c94c1f27645cecab862dcd67d2
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f37afeae07aa503461e4c4f3b035091550445275260bc498a49607570afd0c6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29ca8c212b8de5d3e753137f7e3eb360f9d4f581ed804800be3fc72e9380bf84
3048cef996b5042f41db162487a2dde4c1ad033c49a939dbe4d18e643c4dd56b
30c429efa39158fe7eb880607aa4c33a6fe074a82b23408cd6579b70f4f55595
31903cf6b338e0aa987c9597d776c466e89649106aea1a9c3e0afa7bd256e297
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3651715d01878b30ab267dca0f428d649bf8859f55d4ff5e856feb1a59970777
3e340301e70ec3a682480588bcdb9eddf566deaa2e1f154e5ec33c2565a3c8eb
41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355
44026fd7c084f1b7f12bed7fb994274ba5fd2a1a8e5d3976e11ef91176177e2c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47edcad45c3db5568c11b098277e45d76db87b070831a73baa5161ecee9912b0
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50c906c394f9965e61d5c076e4a46d50826f0e404fa06c8098a9e6c134a0ceeb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565d2de912355cbf6683fcc7d3470ca1eb5aad3768dd5880a0f8eb5bd3577ed5
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
6f3173358deb4bcf8600b0c52e5368d49555f1da81e01e3cf89be823e40b4cea
72f74110834ae8c19eff27761ccbec1901e1f4d5da4bf9fa3ef4bf27dd7256b4
79ebf0ef6e6aba97e322e95ce6466c7c00cba4ee6bace76157e87a7c69e9bd42
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
8fded5370c10c4050b04511d765327cc490bb027a3a0b1d08b7cb59021eca171
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
997ef00c8246be7b9627e199d58857f84fbdf2ff1c114eb6b530486312fac760
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
a899d3aceccdbfb2e62a40d1022b3731e79f3060c0418708c6cebef1c08aea77
af81839d8859163fce84739278fef3969a4a2e29ee81a6cf2735e1615bb71858
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
c0bce3c69009ee89078e9eed1305d9e6df0ff6ca83bd3fdab59ee0ba03e23b31
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb77042674bb75cfa249507dfd01dd0f414097f250464fc15ee0e1306a6e76e8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2719868b3fb6c8d4249a539ba7f70149bd8aa8e53ebc9590dd173983933bf28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
fa97d5a93f1d1e252fd0259295827c1a0713d434e3acbd2e33786adfceb534ce
ff7f742f413372540bb3e2d85fc6c002f234ace01a9a600dadb3a0728ec7f8d6

duval.co.nz Open in urlscan Pro 2606:4700:20::681a:98b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

95 %HTTPS

88 %IPv6

24 Domains

29 Subdomains

24 IPs

2 Countries

1706 kBTransfer

3888 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

duval.co.nz Open in urlscan Pro
2606:4700:20::681a:98b Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

95 %
HTTPS

88 %
IPv6

24
Domains

29
Subdomains

24
IPs

2
Countries

1706 kB
Transfer

3888 kB
Size

19
Cookies

60 HTTP transactions
0 data transactions