secure.eccreditcontrol.com Open in urlscan Pro
202.137.242.170  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response secure.eccreditcontrol.com/nz/	9 KB 10 KB	1199ms 525ms	Document text/html	202.137.242.170 NOWNEW-AS-AP NOW ...
General Check archive.org Show headers Download Go to Full URL https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 202.137.242.170 Napier City, New Zealand, ASN9876 (NOWNEW-AS-AP NOW New Zealand Ltd., NZ), Reverse DNS mail.eccreditcontrol.com Software / Resource Hash da9356c8a96b16222e9d4fc70ce49332ccaeec40dbc8c283c2a052b1455baa43 Security Headers Name Value Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers Cache-Control no-cache, private Content-Length 8883 Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Content-Type text/html; charset=UTF-8 Date Wed, 23 Nov 2022 00:57:22 GMT Server Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-WebKit-CSP frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com;
GET H/1.1	200 OK	app.es5.js Show response secure.eccreditcontrol.com/js/	1 MB 1 MB	130ms 130ms	Script application/javascript	202.137.242.170 NOWNEW-AS-AP NOW ...
General Check archive.org Show headers Download Go to Full URL https://secure.eccreditcontrol.com/js/app.es5.js?id=3ebab51ec1bac05b4c5205391fb43d4c Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 202.137.242.170 Napier City, New Zealand, ASN9876 (NOWNEW-AS-AP NOW New Zealand Ltd., NZ), Reverse DNS mail.eccreditcontrol.com Software / Resource Hash ddbce8c94f12f470af6c9b5ac54ae98c27c2fdbb3f015ae046474ad15e8c9d65 Security Headers Name Value Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/nz/login?&tab=debtor User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff Date Wed, 23 Nov 2022 00:57:22 GMT Last-Modified Sun, 13 Nov 2022 16:30:30 GMT Server ETag "f82a133f7df7d81:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes X-WebKit-CSP frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; Content-Length 1049242 X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com;
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	817ms 272ms	Stylesheet text/css	172.253.118.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:300,400,600 Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f95.1e100.net Software ESF / Resource Hash c3e991866326d8dbc0284f67bda193a979970b6b46e39ea572a648ef5dc8eee1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 23 Nov 2022 00:57:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 23 Nov 2022 00:10:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 23 Nov 2022 00:57:42 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.1.1/css/	45 KB 10 KB	476ms 164ms	Stylesheet text/css	172.64.133.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.1.1/css/all.css Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463 Request headers Referer https://secure.eccreditcontrol.com/ Origin https://secure.eccreditcontrol.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id MT2AVWZV1DHBTS3T age 179408 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 7kOPflaGeucNkTOl4P1kHGzYSqfrFAqF7NsSbzMR0Le61b+xrFMrwC+7sK+ZoqitJAABb6DJj3Y= last-modified Wed, 30 Jun 2021 15:30:50 GMT server cloudflare etag W/"597b70b2ce6b1483f72526c906918fe9" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eH2TPUPQuCO2siCJZC7i2xAbR%2Fjb9ZfyRVgz305W5WLsjul5sCIba1ZA0MFEVV6HHkPmsO0KMV1qrDHjy%2BIcaujhP5OON5j7WNk88HkDspfEWk5kEy5XX5NkRvIWGQWnxLRYv%2BqT"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 76e5f3c74a95a86a-SYD
GET H/1.1	200 OK	app.css secure.eccreditcontrol.com/css/	237 KB 238 KB	648ms 393ms	Stylesheet text/css	202.137.242.170 NOWNEW-AS-AP NOW ...
General Check archive.org Show headers Download Go to Full URL https://secure.eccreditcontrol.com/css/app.css?id=ac2968b4e5430b54df6f3b5ca4466ce0 Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 202.137.242.170 Napier City, New Zealand, ASN9876 (NOWNEW-AS-AP NOW New Zealand Ltd., NZ), Reverse DNS mail.eccreditcontrol.com Software / Resource Hash 162a3f54136cadb36aae04fc87c2e2f09c9aafa288217967267df5235428aac5 Security Headers Name Value Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/nz/login?&tab=debtor User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff Date Wed, 23 Nov 2022 00:57:23 GMT Last-Modified Wed, 22 Jun 2022 07:11:48 GMT Server ETag "3ce7ac56786d81:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes X-WebKit-CSP frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; Content-Length 243151 X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com;
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	821ms 279ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-165009504-1 Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash a9984552859d278ba1fbeb3f25dc0f640a2af957d234d3b84a096d65a52b6fab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 44709 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 23 Nov 2022 00:57:44 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	223 KB 77 KB	317ms 316ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8M63EFR7ZZ Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash f97123709a01aa6330cb50a946597f7d2be178c56b56bd9d8c67b74bb76bac7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78666 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 23 Nov 2022 00:57:44 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	160 KB 53 KB	831ms 285ms	Script text/javascript	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyBcYDe0LCSEFhmo6ETvzMeBpXUFbYhSzPg&libraries=&v=weekly Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software mafe / Resource Hash 9d2899f3a95a9153019138195f0a4ac0ff3a6746f1704c39a4cc56a3f029cc3f Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:42 GMT content-encoding gzip server mafe vary Accept-Language x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=14 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53374 x-xss-protection 0 expires Wed, 23 Nov 2022 01:27:42 GMT
GET H/1.1	200 OK	ECC_Logo_WHITE_SMALL.svg secure.eccreditcontrol.com/images/	7 KB 8 KB	131ms 131ms	Image image/svg+xml	202.137.242.170 NOWNEW-AS-AP NOW ...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.eccreditcontrol.com/images/ECC_Logo_WHITE_SMALL.svg Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 202.137.242.170 Napier City, New Zealand, ASN9876 (NOWNEW-AS-AP NOW New Zealand Ltd., NZ), Reverse DNS mail.eccreditcontrol.com Software / Resource Hash 2e554bdb311ce2f991a3efde37c1adaac2866fdf94a1c6ff9e7ed99fdf59c61a Security Headers Name Value Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/nz/login?&tab=debtor User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Security-Policy frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com; Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff Date Wed, 23 Nov 2022 00:57:26 GMT Last-Modified Tue, 10 Mar 2020 01:07:41 GMT Server ETag "e227a14c78f6d51:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Accept-Ranges bytes X-WebKit-CSP frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com; Content-Length 7367 X-Content-Security-Policy frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com;
GET H2	200	gtm.js Show response www.googletagmanager.com/	126 KB 47 KB	620ms 619ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P3VVLC3 Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash cc1971f1e6ab1a035396d6ec495a9e80b878f722fcf19f3d75c38f6375a68a36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48331 x-xss-protection 0 last-modified Wed, 23 Nov 2022 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 23 Nov 2022 00:57:44 GMT
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	811ms 272ms	XHR application/json	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBcYDe0LCSEFhmo6ETvzMeBpXUFbYhSzPg&libraries=&v=weekly Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:45 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://secure.eccreditcontrol.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23 x-xss-protection 0
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v28/	45 KB 46 KB	812ms 270ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.eccreditcontrol.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sun, 20 Nov 2022 06:38:39 GMT x-content-type-options nosniff age 238746 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46524 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:58:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 20 Nov 2023 06:38:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	223 KB 77 KB	445ms 445ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8M63EFR7ZZ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-165009504-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash b4807d0ae127a439da3f56216566bd314da0ca2b05218aa0061d2d3a1e26e5d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 00:57:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78729 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 23 Nov 2022 00:57:45 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	813ms 270ms	Script text/javascript	172.217.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-165009504-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f101.1e100.net Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 22 Nov 2022 23:53:02 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3883 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Wed, 23 Nov 2022 01:53:02 GMT
POST H2	204	collect www.google-analytics.com/g/	0 178 B	566ms 364ms	Ping text/plain	172.217.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8M63EFR7ZZ&gtm=2oeb90&_p=1224608277&cid=370968157.1669165065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669165065&sct=1&seg=0&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&dt=Login%20%7C%20EC%20Credit%20Control&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8M63EFR7ZZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Wed, 23 Nov 2022 00:57:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.eccreditcontrol.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	961ms 320ms	Script application/x-javascript	157.240.7.26 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-sin6.fbcdn.net Software / Resource Hash d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 23 Nov 2022 00:57:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27340 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug XK+jJscJL/ho4K7Qi0Lq81tbbZPWH924B2Azp0YEHszP6z2YUXXyeQjrLcO8jHxt0j6bYFTdQuZ/ciNFI8NpTA== x-fb-trip-id 548340344 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 91 B	571ms 270ms	XHR text/plain	172.217.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1224608277&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&ul=en-us&de=UTF-8&dt=Login%20%7C%20EC%20Credit%20Control&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1617546106&gjid=339776146&cid=370968157.1669165065&tid=UA-165009504-1&_gid=865011498.1669165066&_r=1&gtm=2oub90&z=1261708601 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f101.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://secure.eccreditcontrol.com/ accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 23 Nov 2022 00:57:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.eccreditcontrol.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 66 B	571ms 270ms	XHR text/plain	172.217.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1224608277&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&ul=en-us&de=UTF-8&dt=Login%20%7C%20EC%20Credit%20Control&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=927397653&gjid=588500896&cid=370968157.1669165065&tid=UA-165009504-2&_gid=865011498.1669165066&_r=1&gtm=2wgb90P3VVLC3&z=2106752577 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f101.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://secure.eccreditcontrol.com/ accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 23 Nov 2022 00:57:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.eccreditcontrol.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	628717531138976 Show response connect.facebook.net/signals/config/	293 KB 84 KB	830ms 528ms	Script application/x-javascript	157.240.7.26 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/628717531138976?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-sin6.fbcdn.net Software / Resource Hash 04763b9dc63e6a12d2ac3e71516a2945d9e9609aea2e754a3d7719debaf695a8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 23 Nov 2022 00:57:47 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug 2xhVmpoEfpBEAM0lOpCUf+I1qKghHhat6NmZtAkYVDZOSug/6INFPBvDorHv6M71nSx0+RF5aesCOaVqc01Qew== x-fb-trip-id 548340344 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	612046679475878 Show response connect.facebook.net/signals/config/	293 KB 84 KB	566ms 566ms	Script application/x-javascript	157.240.7.26 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/612046679475878?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-sin6.fbcdn.net Software / Resource Hash 78a747f47757749a6bc2522aa1a500c7ac80d8ef2d253a9412788d6afc7cce89 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 23 Nov 2022 00:57:48 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug VwgwKfbD3L1TQ3r8gXZ8zaGU0bIJcGbubAXVCtJONDoK0zpBIEpUGiip5aoiHqB2/NFfta0xKNQcF9fAGZABWw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	961ms 320ms	Image text/plain	157.240.7.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=628717531138976&ev=PageView&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&rl=&if=false&ts=1669165068010&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669165068009.889767849&it=1669165066739&coo=false&rqm=GET Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 23 Nov 2022 00:57:48 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	620ms 318ms	Image text/plain	157.240.7.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=612046679475878&ev=PageView&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&rl=&if=false&ts=1669165069234&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669165068009.889767849&it=1669165066739&coo=false&rqm=GET Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 23 Nov 2022 00:57:49 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	/ www.facebook.com/tr/	0 18 B	362ms 319ms	Image text/plain	157.240.7.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=628717531138976&ev=Microdata&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&rl=&if=false&ts=1669165069513&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20%7C%20EC%20Credit%20Control%22%2C%22meta%3Adescription%22%3A%22Proactive%20online%20debt%20collection.%20Advanced%20and%20effective%20system%20to%20improve%20your%20cashflow.%20Sign%20up%20today.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669165068009.889767849&it=1669165066739&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: secure.eccreditcontrol.com URL: https://secure.eccreditcontrol.com/nz/login?&tab=debtor Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 23 Nov 2022 00:57:49 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/51/1/intl/en_gb/	248 KB 69 KB	572ms 270ms	Script text/javascript	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/en_gb/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBcYDe0LCSEFhmo6ETvzMeBpXUFbYhSzPg&libraries=&v=weekly Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software sffe / Resource Hash d59373f8c426e88ede934bf44ddb2cfbbf55dbd6bace0a64c93dbc78c334271f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 18:43:07 GMT content-encoding gzip x-content-type-options nosniff age 540883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69667 x-xss-protection 0 last-modified Mon, 14 Nov 2022 21:36:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 Nov 2023 18:43:07 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/51/1/intl/en_gb/	166 KB 61 KB	797ms 496ms	Script text/javascript	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/en_gb/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBcYDe0LCSEFhmo6ETvzMeBpXUFbYhSzPg&libraries=&v=weekly Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software sffe / Resource Hash ab365c0014252a7d1837bdee9276741895ff9238e3892ddf3a763822be8ccf51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 18:43:07 GMT content-encoding gzip x-content-type-options nosniff age 540883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62577 x-xss-protection 0 last-modified Mon, 14 Nov 2022 21:36:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 Nov 2023 18:43:07 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	275ms 275ms	Ping text/plain	172.217.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8M63EFR7ZZ&gtm=2oeb90&_p=1224608277&cid=370968157.1669165065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669165065&sct=1&seg=0&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&dt=Login%20%7C%20EC%20Credit%20Control&en=scroll&epn.percent_scrolled=90&_et=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8M63EFR7ZZ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://secure.eccreditcontrol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Wed, 23 Nov 2022 00:57:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.eccreditcontrol.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.facebook.com/tr/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.facebook.com

URL

https://www.facebook.com/tr/?id=612046679475878&ev=Microdata&dl=https%3A%2F%2Fsecure.eccreditcontrol.com%2Fnz%2Flogin%3F%26tab%3Ddebtor&rl=&if=false&ts=1669165070736&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20%7C%20EC%20Credit%20Control%22%2C%22meta%3Adescription%22%3A%22Proactive%20online%20debt%20collection.%20Advanced%20and%20effective%20system%20to%20improve%20your%20cashflow.%20Sign%20up%20today.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669165068009.889767849&it=1669165066739&coo=false&es=automatic&tm=3&rqm=GET

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView function| _get function| _superPropBase function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof object| webpackChunkec_credit_portal object| regeneratorRuntime function| _ number| uidEvent function| axios object| Paystation function| Vue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq object| gaplugins object| gaData

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.eccreditcontrol.com/	1970-01-20 07:39:32	Name: XSRF-TOKEN Value: eyJpdiI6Imd0VG1iSTJOYjNMMU9yc2RxSjdQdEE9PSIsInZhbHVlIjoic25CQnJjYk5BZk1PMTJDNDgwa1FkK25oczZ1NXcwSU1EcTFGWTBRbjlqN29YeDFQS0dIaFVNS2FWODY2Z2d1bTMzRGJVQTByN29vdzdrVmhjYjNrREVPU0tRMC9MdXhYVUdQZU9sQm5LYzhzeWtCOWZMeWQvWDNMd1FQSWlNODciLCJtYWMiOiIzMGQxZmQ5OGQ3YTZhNjQyNzlkNjI5NTI2M2RjNzgyNzE0Y2JhNmQ2MDFhMGQyNmM5YWI4MTRlM2NjOTkyNWFkIiwidGFnIjoiIn0%3D
			secure.eccreditcontrol.com/	1970-01-20 07:39:32	Name: laravel_session Value: eyJpdiI6IktQclFJR3hObFo4Ym52eHVhK1R4QVE9PSIsInZhbHVlIjoiczk0NGx6TDdVMkd0clV6OGJJMmVCU3MyK3J2M1puUHhaWDRJc05ZRGpWVGNKNi9KdW1VVG4zWWFEYVpPSGhZWUxMOFgrc2N0b2VXNWpIMG1YQUk1UHVyWmtpMGhHT2dsMm5KTXVCZU42Z3NSeWRNN2xrempvTG9tRURnaVNEZHYiLCJtYWMiOiI0NjNmOGIyNzlhODMxNjVkYzNkZGNhMTg5MjlmM2UwZWJlNzRmMTY5NmQ2MzQ5ZmI3NmQ3MTcyNjgxMTA5NzNmIiwidGFnIjoiIn0%3D
			.eccreditcontrol.com/	1970-01-20 17:15:25	Name: _ga_8M63EFR7ZZ Value: GS1.1.1669165065.1.0.1669165065.0.0.0
			.eccreditcontrol.com/	1970-01-20 17:15:25	Name: _ga Value: GA1.2.370968157.1669165065
			.eccreditcontrol.com/	1970-01-20 07:40:51	Name: _gid Value: GA1.2.865011498.1669165066
			.eccreditcontrol.com/	1970-01-20 07:39:25	Name: _gat_gtag_UA_165009504_1 Value: 1
			.eccreditcontrol.com/	1970-01-20 07:39:25	Name: _gat_UA-165009504-2 Value: 1
			.eccreditcontrol.com/	1970-01-20 09:49:01	Name: _fbp Value: fb.1.1669165068009.889767849

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' https://ws.centrix.co.nz https://payments.paystation.co.nz https://sec.windcave.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Security-Policy	frame-src 'self' https://payments.paystation.co.nz https://sec.windcave.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
secure.eccreditcontrol.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.facebook.com
142.250.4.94
142.250.4.97
157.240.7.26
157.240.7.35
172.217.194.101
172.217.194.95
172.253.118.95
172.64.133.15
202.137.242.170
04763b9dc63e6a12d2ac3e71516a2945d9e9609aea2e754a3d7719debaf695a8
162a3f54136cadb36aae04fc87c2e2f09c9aafa288217967267df5235428aac5
2e554bdb311ce2f991a3efde37c1adaac2866fdf94a1c6ff9e7ed99fdf59c61a
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78a747f47757749a6bc2522aa1a500c7ac80d8ef2d253a9412788d6afc7cce89
9d2899f3a95a9153019138195f0a4ac0ff3a6746f1704c39a4cc56a3f029cc3f
a9984552859d278ba1fbeb3f25dc0f640a2af957d234d3b84a096d65a52b6fab
ab365c0014252a7d1837bdee9276741895ff9238e3892ddf3a763822be8ccf51
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4807d0ae127a439da3f56216566bd314da0ca2b05218aa0061d2d3a1e26e5d1
c3e991866326d8dbc0284f67bda193a979970b6b46e39ea572a648ef5dc8eee1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1971f1e6ab1a035396d6ec495a9e80b878f722fcf19f3d75c38f6375a68a36
d59373f8c426e88ede934bf44ddb2cfbbf55dbd6bace0a64c93dbc78c334271f
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463
da9356c8a96b16222e9d4fc70ce49332ccaeec40dbc8c283c2a052b1455baa43
ddbce8c94f12f470af6c9b5ac54ae98c27c2fdbb3f015ae046474ad15e8c9d65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f97123709a01aa6330cb50a946597f7d2be178c56b56bd9d8c67b74bb76bac7d