urlscan.io logo urlscan.io
SecurityTrails logo

secure.agl.com.au Open in urlscan Pro
2a02:26f0:6c00:180::2a53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://analytics.linkre.direct/clickthrough?id=FA07012B2516472492AA90D2D4B87E31&issuer=aglp&template=AGL0023&url=https%3A%2F%2F...
Effective URL: https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri...
Submission: On March 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2a02:26f0:6c00:180::2a53, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is secure.agl.com.au.
TLS certificate: Issued by DigiCert Global CA G2 on January 2nd 2020. Valid for: a year.
This is the only time secure.agl.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 99.86.3.39 16509 (AMAZON-02)
12 23.45.109.142 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 152.199.23.241 15133 (EDGECAST)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
21 4
1    99.86.3.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-39.fra6.r.cloudfront.net
analytics.linkre.direct
12    23.45.109.142 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-109-142.deploy.static.akamaitechnologies.com
myaccount.agl.com.au
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    152.199.23.241 (United States)

ASN15133 (EDGECAST, US)
tags.tiqcdn.com
6    2a02:26f0:6c00:180::2a53 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
secure.agl.com.au
Domain Requested by
12 myaccount.agl.com.au myaccount.agl.com.au
6 secure.agl.com.au myaccount.agl.com.au
secure.agl.com.au
2 fonts.googleapis.com myaccount.agl.com.au
1 tags.tiqcdn.com myaccount.agl.com.au
1 analytics.linkre.direct 1 redirects
21 5

This site contains no links.

Subject Issuer Validity Valid
www.agl.com.au
DigiCert Global CA G2		 2020-01-02 -
2021-01-02		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Frame ID: C2DF4D8058CBF8A5DC9DF08203BD3140
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://analytics.linkre.direct/clickthrough?id=FA07012B2516472492AA90D2D4B87E31&issuer=aglp&template=AGL002... HTTP 302
    https://myaccount.agl.com.au/d/homeprofile Page URL
  2. https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20i... Page URL

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

4
Countries

901 kB
Transfer

3846 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://analytics.linkre.direct/clickthrough?id=FA07012B2516472492AA90D2D4B87E31&issuer=aglp&template=AGL0023&url=https%3A%2F%2Fmyaccount.agl.com.au%2Fd%2Fhomeprofile HTTP 302
    https://myaccount.agl.com.au/d/homeprofile Page URL
  2. https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://analytics.linkre.direct/clickthrough?id=FA07012B2516472492AA90D2D4B87E31&issuer=aglp&template=AGL0023&url=https%3A%2F%2Fmyaccount.agl.com.au%2Fd%2Fhomeprofile HTTP 302
  • https://myaccount.agl.com.au/d/homeprofile

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
homeprofile
myaccount.agl.com.au/d/
Redirect Chain
  • https://analytics.linkre.direct/clickthrough?id=FA07012B2516472492AA90D2D4B87E31&issuer=aglp&template=AGL0023&url=https%3A%2F%2Fmyaccount.agl.com.au%2Fd%2Fhomeprofile
  • https://myaccount.agl.com.au/d/homeprofile
54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d14f2c1060f151686af49229a1020072758ef99d9bcd349c2d5b23d89c406b14
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
myaccount.agl.com.au
:scheme
https
:path
/d/homeprofile
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
no-cache
content-length
17911
content-type
text/html
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 03:09:41 GMT
accept-ranges
bytes
etag
"80488a8152f7d51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
date
Wed, 11 Mar 2020 08:29:02 GMT

Redirect headers

status
302
content-type
application/json
content-length
913
location
https://myaccount.agl.com.au/d/homeprofile
date
Wed, 11 Mar 2020 08:29:00 GMT
x-amzn-requestid
2772d351-e666-4a7d-90fa-f0209dd94746
x-amz-apigw-id
JN4j8HujywMF-UA=
x-amzn-trace-id
Root=1-5e68a14c-9ff831a4c436f384477d4875
x-cache
Miss from cloudfront
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
T27TT9PblQT7LS3vvMu8SGz7cbTkNNg-B1LiKB-Cf1Gr_4AtsRXQDg==
icon
fonts.googleapis.com/ 		574 B
468 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Mar 2020 08:29:02 GMT
server
ESF
date
Wed, 11 Mar 2020 08:29:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Mar 2020 08:29:02 GMT
css
fonts.googleapis.com/ 		11 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Titillium+Web:300,400,600,700
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf44267a40489818099f5f7dd9931dee6b2f3b74c7ea6910b63463ca5c2ce160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Mar 2020 08:29:02 GMT
server
ESF
date
Wed, 11 Mar 2020 08:29:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Mar 2020 08:29:02 GMT
bootstrap.min.css
myaccount.agl.com.au/css/ 		27 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/css/bootstrap.min.css
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c71663ee82830625188df725ea6495b4bcef24ddda72b94c5363519be1f24b6
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
5612
x-xss-protection
1; mode=block
config.js
myaccount.agl.com.au/config/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/config/config.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5de7cc4426d9b81efb14ed85ae73f4e22c1c38f54956b7e13851534d5de909b1
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Mar 2020 03:09:40 GMT
etag
"0b2f18052f7d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
no-cache
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
1853
x-xss-protection
1; mode=block
auth0.min.js
myaccount.agl.com.au/scripts/lib/auth0/9.10.4/ 		137 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/scripts/lib/auth0/9.10.4/auth0.min.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8154d2265862b8f587d2bac861ffec0af5f5c72deb71ef7c928bfe4363e1da46
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
date
Wed, 11 Mar 2020 08:29:02 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
36304
x-xss-protection
1; mode=block
p.js
myaccount.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		129 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6bd6843b841bbf3425568cf21e1d3cfc62851d96b7ba83d6f2c9ae57bb9ceb68

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 08:29:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=60
content-length
40080
expires
Wed, 11 Mar 2020 08:30:03 GMT
utag.sync.js
tags.tiqcdn.com/utag/agl/myaccount/prod/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/agl/myaccount/prod/utag.sync.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lab/4ED0) /
Resource Hash
706a7b31865bd20bc05e6905abd1e9ba108cfcb1875d9cc0de0fe0e8c2cf2e35

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 08:29:02 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 23:52:17 GMT
server
ECAcc (lab/4ED0)
age
86
etag
"1408711111"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
1253
expires
Wed, 11 Mar 2020 08:34:02 GMT
icon-header-desktop.svg
myaccount.agl.com.au/svg/ 		11 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myaccount.agl.com.au/svg/icon-header-desktop.svg
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c4aade5b0465c65571d8f84caaf683b6c454ee8a029c8dd8c7e43204907c8db
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
4167
x-xss-protection
1; mode=block
icon-header-mobile.svg
myaccount.agl.com.au/svg/ 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myaccount.agl.com.au/svg/icon-header-mobile.svg
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87aff9d2abc13659339221284c7fbb61943f5cbad448d6724bd2f87ebf56bd04
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
3449
x-xss-protection
1; mode=block
gg-min.png
myaccount.agl.com.au/img/ 		18 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myaccount.agl.com.au/img/gg-min.png
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
date
Wed, 11 Mar 2020 08:29:05 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
17926
x-xss-protection
1; mode=block
runtime.5880d61421a4e5e8ebd9.dde5fdb1c99754fbbffe4a9c06262c29.js
myaccount.agl.com.au/ 		10 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/runtime.5880d61421a4e5e8ebd9.dde5fdb1c99754fbbffe4a9c06262c29.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84fdb3d1be41b0adfdb63ec655da93c04c286791753d603fc44a62034c8b9839
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
Origin
https://myaccount.agl.com.au
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
5245
x-xss-protection
1; mode=block
polyfills.199ffbc88e130230ad23.js
myaccount.agl.com.au/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/polyfills.199ffbc88e130230ad23.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
Origin
https://myaccount.agl.com.au
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
date
Wed, 11 Mar 2020 08:29:03 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
45573
x-xss-protection
1; mode=block
vendor.8dc234646e9aac8effcb.js
myaccount.agl.com.au/ 		1 MB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/vendor.8dc234646e9aac8effcb.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
Origin
https://myaccount.agl.com.au
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
date
Wed, 11 Mar 2020 08:29:04 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
320494
x-xss-protection
1; mode=block
main.a7483e2906597b541658.js
myaccount.agl.com.au/ 		2 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.agl.com.au/main.a7483e2906597b541658.js
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/d/homeprofile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.142 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-109-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.agl.com.au/
Origin
https://myaccount.agl.com.au
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 13:13:08 GMT
etag
"04a2ea4ddf6d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
date
Wed, 11 Mar 2020 08:29:04 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
341201
x-xss-protection
1; mode=block
Primary Request authorize
secure.agl.com.au/ 		614 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Requested by
Host: myaccount.agl.com.au
URL: https://myaccount.agl.com.au/scripts/lib/auth0/9.10.4/auth0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
f500921bad9c66f3f6d93a81846d9ab6ba2a2da8b9072f7747ae6875a1213553

Request headers

:method
GET
:authority
secure.agl.com.au
:scheme
https
:path
/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
referer
https://myaccount.agl.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://myaccount.agl.com.au/

Response headers

status
429
cache-control
private, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
expires
0
p3p
CP="This site does not specify a policy in the P3P header"
pragma
no-cache
content-length
614
date
Wed, 11 Mar 2020 08:29:05 GMT
set-cookie
bm_sczmz=V%2Ft8PcfaZGia%2Fgp6d2yXAg%3D%3D%3A%3A6JAAkvLju7U5RA%2BW%2B0vcUFrccs6OeLGCPoFCZbEl33oihQ0oXLqhcweWnIFozvKXxuXuo8E2akQqw%2FVgHXWgMKlKGlxJRgTwW07zeDZ%2FbTfaZoDSlg9b54uOZCe2LEpqisQwcjCyaCpopIUdQQ9on8NM1w9ccKivPozuboDnddy%2FQRd%2Bx0v3DZ6hq3nY%2Bjt3d9j%2FEENud8Usf%2B4dXTPVQmb6iMZmVqUPgWGfpeVjqmvnuuYX%2BpdOgF4EjIYU9Nn%2FQLrLfuNLshQu4Qja%2BegBiHf2AcKKXJvPawfa%2FUgTNCThjOo34eHZhCk9HNcBphvoV8mXC1lyUC93giGo84tJVhnFTNLTYxmGadL5AkT%2F1A8KQ%2FM00u%2B7AZe0hWX0sBXayXQ5YFtXvRgINcbc1ZmNXF55hZrTZ1EbVvaLz6XE6m4QHnXKJKWPDH8vsk37KRjcd%2BIP1UBpcfLX71mm2MxrMd8VvV4K0bIDGfxNuRC53Vbm9RYs0yS5NDS9eQobPcJBEJ039KWAPw0avAbwMmHiWYcEfqzoko9Jr3lXTgqEO7f4FufYGTRGEaDv02%2F43AspdqwfmeMG08lbTN%2FVLZIHc4wBPTeBdHYTWx%2BG9SDZHkoVI7Z%2BQeXKQmAnL55DO4YrbcQBTuq8Jh%2BaZn8YuNXN47dSCP%2FPZCmodrjVghXCvxPmK8tyX8pie4jTbRBiW1qBUVPOIvT1lccUQGuvTV8lIwFLK5eXO%2BxHNvt9SLZM%2Bh1ZhVIlQ9K3s7XnFFF7d8O8ZxPuLqnMxj34k%2Bo%2FuYT5xOYe8mugP%2B991nU%2F%2FStQaTU%3D; Path=/; Expires=Wed, 18 Mar 2020 07:59:05 GMT; HttpOnly
j.js
secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		0
51 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/j.js
Requested by
Host: secure.agl.com.au
URL: https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Wed, 11 Mar 2020 08:29:06 GMT
content-length
0
f.js
secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/f.js
Requested by
Host: secure.agl.com.au
URL: https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

Referer
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 08:29:06 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=30672000
content-length
10209
expires
Mon, 01 Mar 2021 08:29:05 GMT
kpf.js
secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/ 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/kpf.js?url=/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint&token=f6a993d1-25bf-b858-f275-0ec678bb3682
Requested by
Host: secure.agl.com.au
URL: https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
137f78e77309485ea86fde9e66c2f7ab74ea1d635e954bae48f55884b843b726

Request headers

Referer
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
pragma
no-cache
date
Wed, 11 Mar 2020 08:29:06 GMT
cache-control
private, no-cache, no-store, must-revalidate
expires
0
content-length
29536
content-type
application/javascript; charset=utf-8
fingerprint
secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		0
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint
Requested by
Host: secure.agl.com.au
URL: https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/kpf.js?url=/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint&token=f6a993d1-25bf-b858-f275-0ec678bb3682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
Origin
https://secure.agl.com.au
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 08:29:06 GMT
p3p
CP="This site does not specify a policy in the P3P header"
status
404
cache-control
private, no-cache, no-store, must-revalidate
content-type
text/plain; charset=utf-8
content-length
0
expires
0
error
secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.agl.com.au/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/error?e=%7B%22stack%22%3A%22Error%3A%20Error%20issuing%20AJAX%20request%20(status%20code%3A%20404)%5Cn%20%20%20%20at%20XMLHttpRequest._0x5c273e.onreadystatechange%20(https%3A%2F%2Fsecure.agl.com.au%2F149e9513-01fa-4fb0-aad4-566afd725d1b%2F2d206a39-8ed7-437e-a3be-862e0f06eea3%2Ffingerprint%2Fscript%2Fkpf.js%3Furl%3D%2F149e9513-01fa-4fb0-aad4-566afd725d1b%2F2d206a39-8ed7-437e-a3be-862e0f06eea3%2Ffingerprint%26token%3Df6a993d1-25bf-b858-f275-0ec678bb3682%3A5%3A16582)%22%2C%22message%22%3A%22Error%20issuing%20AJAX%20request%20(status%20code%3A%20404)%22%2C%22name%22%3A%22Error%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::2a53 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.agl.com.au/authorize?client_id=CqzcmZpAZ98mgzGCBBE8to2NO1ZHMbAJ&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fmyaccount.agl.com.au%2Flogincallback&scope=openid%20name%20email%20nickname%20profile&audience=https%3A%2F%2Fapi.platform.agl.com.au%2F&state=eyJyZXR1cm5VcmwiOiIvP25hdmlnYXRlVXJsPSUyRnNldHRpbmdzJTJGaG9tZXByb2ZpbGUlMkZzZWxlY3QiLCJub25jZSI6Img1aUpLR2NEaEs0eUVCOE12emJmeFNvdDJ%2BNS1qeDhWIn0%3D&prompt=none&nonce=krUk1D4cY7nFXU7BFAQ5pnwu6EekdRwx&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC40In0%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Wed, 11 Mar 2020 08:29:07 GMT
content-length
0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Fingerprint2 object| a undefined| b undefined| e object| _0x3453 function| _0x33c8

1 Cookies

Domain/Path Name / Value
secure.agl.com.au/ Name: bm_sczmz
Value: Mpa1Itl8lWFpUSYcG67DtA%3D%3D%3A%3AW1wrZIvETLDCksHBOsviZ1wrnrQ0Z9zbLTMLct19BdOXJSbw4irekDVIw%2B%2BREYfpJDT%2Bb690ekGdfTjwmHn1hk34wvR0uQrCPoQf9xrtEm4YbPUDtnXPdxN9GZjkUYTE49ottqrU8bhkLNCLWo1DacYHsB2T1K9ztUb%2BMzJzRE8duAjXSTjM4q88%2FgdkSQBffhOz8GHKOvyUX2%2FPmD9W%2B7oyiwguOR0bZMQ9r%2BBXkXwCEVm%2Bgz11x8VD0u6%2B3%2Fwru8xFoCshxlKrdt3Y1IuxLiGbXSMwT6ciTAwU1WVOK1Rn%2BaqDfbaXkzgoQ2Bg3CVAn%2Fi5C6KmFeN3KNKIwCQ8qLiG3W35ajPx7GmpLmWM4lR8Tu%2BndofaiUmmZN0k33V24EXLnpLmH%2BZRXUJ4DYCURWm4KUGNpfCIt7a5YXseQKVzZQQbKjDyyluOF3DEAOuW6SXn%2FN7wPD%2Bi8ymA%2FYl%2BNju4QrFuugEoir%2FWTfJUQJ%2BEDd7Ivz%2F9WxAt4zqJnxu9tFJe5tL53uoRYZHaIZr1tjn2QgCnVgshCXHmO6zy9SrHGpMu9kIXwxlvaFjagqIOZ3zRgXspJ7TmRD%2BVOO33JbHOQdkLuAcpUWXPSLvSw0xb8Ng%2Fkd58suca%2FztED1x9IMmcaHsiC5A3CgS65RQyymLyzDdLCT%2BLriTMakS%2B5Je6EJhD2C6hQBvLMFCerlQQcfVUrzDpPR1F62XsWnE4QxBLc7HKUZtkdRycwjgcYRstkDTiZuMXdF9ErnSd0v0uXdHDwvMxqUT1Fx2%2Bi%2FBzzyvMMzc7CR6I5jXp%2BO4b44s%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none' ; frame-ancestors 'self' https://www.agl.com.au https://secure2.agl.com.au https://campaign.agl.com.au https://pvt.digital.agl.com.au ; frame-src https://aglenergy.demdex.net https://lpcdn.lpsnmedia.net https://sy.v.liveperson.net https://server.sy.liveperson.net https://sy.msghist.liveperson.net https://sy.msg.liveperson.net https://sy.idp.liveperson.net https://intercept.inmoment.com.au https://app.inmoment.com.au https://feedback.inmoment.com.au https://connect.facebook.net https://staging.myaccount.agl.com.au https://api.quickstream.westpac.com.au https://pciwde.agl.com.au https://secure.agl.com.au https://myaccount.agl.com.au https://ccpayments.api.agl.com.au/ https://secure2.agl.com.au https://www.agl.com.au https://solarcheck.api.agl.com.au/ https://api.agl.com.au/ https://rewards.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://paymentschemes.api.agl.com.au https://billing.api.agl.com.au https://redline.api.agl.com.au https://settings.api.agl.com.au ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; img-src 'self' data: https://www.facebook.com https://www.google-analytics.com https://cm.everesttech.net https://cm.g.doubleclick.net https://vxml4.plavxml.com https://dpm.demdex.net https://www.ambassadorcard.com.au https://lpcdn.lpsnmedia.net https://www.agl.com.au https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.au https://sitecore-web-agl-cd.azurewebsites.net https://www.agl.com.au https://myaccount.agl.com.au ; font-src 'self' https://fonts.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://fonts.googleapis.com https://www.google-analytics.com https://cdn.taboola.com https://vxml4.plavxml.com https://cdn.mouseflow.com https://connect.facebook.net https://trc.taboola.com https://sy.v.liveperson.net https://lptag.liveperson.net https://js-agent.newrelic.com https://accdn.lpsnmedia.net https://www.googletagmanager.com https://lpcdn.lpsnmedia.net https://stats.agl.com.au https://cdn.auth0.com https://bam.nr-data.net https://intercept.inmoment.com.au https://intercept-client.inmoment.com.au https://api.quickstream.westpac.com.au ; connect-src 'self' https://dpm.demdex.net https://trc.taboola.com https://stats.agl.com.au https://*.tt.omtrdc.net https://www.facebook.com https://api.platform.agl.com.au https://bam.nr-data.net wss://sy.msg.liveperson.net https://intercept.inmoment.com.au https://www.google-analytics.com https://stats.g.doubleclick.net https://z3.objectstorage.liveperson.net https://www.agl.com.au https://sts.agl.com.au https://api.agl.com.au/ https://redline.api.agl.com.au https://settings.api.agl.com.au https://product.api.agl.com.au https://moveandjoin.api.agl.com.au https://storedpayments.api.agl.com.au https://solarcheck.api.agl.com.au/ https://paymentschemes.api.agl.com.au https://concession.api.agl.com.au https://homeprofiles.api.agl.com.au https://billing.api.agl.com.au https://rewards.api.agl.com.au https://personalisation.api.agl.com.au https://decisioning.api.agl.com.au https://energyinsights.api.agl.com.au https://api.paypal.com https://apipayment.agl.com.au https://ccpayments.api.agl.com.au/ https://aeo.agl.com.au https://secure.agl.com.au https://prod-api.platform.agl.com.au ; media-src https://lpcdn.lpsnmedia.net ; report-uri https://sg1.agl.com.au:8088/services/collector/raw?token=A932110E-6A64-4E63-9A67-E8C84587EB0E&channel=A932110E-6A64-4E63-9A67-E8C84587EB0E
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block