Submitted URL: http://app.estimateone.com/
Effective URL: https://app.estimateone.com/auth/login
Submission: On March 01 via manual from AU — Scanned from AU

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 13.224.181.98, located in United States and belongs to AMAZON-02, US. The main domain is app.estimateone.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 29th 2023. Valid for: a year.
This is the only time app.estimateone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.224.181.98 16509 (AMAZON-02)
19 18.67.111.92 16509 (AMAZON-02)
2 172.217.167.74 15169 (GOOGLE)
1 23.77.149.172 16625 (AKAMAI-AS)
23 4
Apex Domain
Subdomains
Transfer
21 estimateone.com
app.estimateone.com
assets.syd.estimateone.com
2 MB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 369
75 KB
1 ewaypayments.com
secure.ewaypayments.com — Cisco Umbrella Rank: 913498
4 KB
23 3
Domain Requested by
19 assets.syd.estimateone.com app.estimateone.com
2 maps.googleapis.com app.estimateone.com
maps.googleapis.com
2 app.estimateone.com 1 redirects
1 secure.ewaypayments.com app.estimateone.com
23 4

This site contains links to these domains. Also see Links.

Domain
estimateone.com
www.google.com
Subject Issuer Validity Valid
estimateone.com
Amazon RSA 2048 M03
2023-10-29 -
2024-11-26
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
www.eway.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-29 -
2025-02-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://app.estimateone.com/auth/login
Frame ID: DA3DC1A2252EAC38DB6F1FA1B6DD7B24
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Log in to your EstimateOne account

Page URL History Show full URLs

  1. http://app.estimateone.com/ HTTP 307
    https://app.estimateone.com/ HTTP 302
    https://app.estimateone.com/auth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • secure\.ewaypayments\.com

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

2122 kB
Transfer

9081 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.estimateone.com/ HTTP 307
    https://app.estimateone.com/ HTTP 302
    https://app.estimateone.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
app.estimateone.com/auth/
Redirect Chain
  • http://app.estimateone.com/
  • https://app.estimateone.com/
  • https://app.estimateone.com/auth/login
13 KB
6 KB
Document
General
Full URL
https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-98.syd1.r.cloudfront.net
Software
nginx /
Resource Hash
136774e43d06aa55760b996174a7d7aea79dc7331867bc293da932a24178d69f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors https: 'self' *.estimateone.com ; script-src https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic' *.estimateone.com *.appcues.com *.appcues.net assets.customer.io cdn.amplitude.com cdn.segment.com fonts.googleapis.com maps.googleapis.com www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net snap.licdn.com; script-src-elem https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic'; script-src-attr 'report-sample' 'unsafe-hashes' 'self' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI='; style-src https: 'report-sample' 'self' 'unsafe-inline' 'unsafe-hashes' *.estimateone.com *.appcues.com *.appcues.net fonts.googleapis.com; img-src https: 'self' data: blob: *.estimateone.com http://media.estimateone.com *.appcues.com *.appcues.net rs.fullstory.com s3-ap-southeast-2.amazonaws.com secure.gravatar.com track.customer.io www.google.com www.google.com.au www.googletagmanager.com www.facebook.com px.ads.linkedin.com; connect-src https: 'self' *.estimateone.com *.browser-intake-datadoghq.com *.appcues.com *.appcues.net analytics.google.com api.amplitude.com api.segment.io cdn.segment.com e1-projects-prod-apse2-scope-documents.s3.ap-southeast-2.amazonaws.com edge.fullstory.com maps.googleapis.com maps.googleapis.com o6032.ingest.sentry.io rs.fullstory.com wss://*.appcues.com wss://*.appcues.net www.google-analytics.com www.google.com.au ad.doubleclick.net; font-src https: 'self' data: *.estimateone.com fonts.gstatic.com; frame-src https: 'self' blob: player.vimeo.com *.appcues.com;; manifest-src https: 'self' *.estimateone.com; object-src https: 'self' *.estimateone.com https://s3.ap-southeast-2.amazonaws.com/e1-profiles-dev-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-prod-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-stage-apse2-company-logo; worker-src 'self' blob:; child-src blob:; media-src https: 'self' data: *.estimateone.com ssl.gstatic.com; base-uri 'self'; report-uri https://o6032.ingest.sentry.io/api/4505786344538112/security/?sentry_key=089f1a7fc522dc44d241b578244de7ba; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-security-policy
default-src 'none'; frame-ancestors https: 'self' *.estimateone.com ; script-src https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic' *.estimateone.com *.appcues.com *.appcues.net assets.customer.io cdn.amplitude.com cdn.segment.com fonts.googleapis.com maps.googleapis.com www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net snap.licdn.com; script-src-elem https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic'; script-src-attr 'report-sample' 'unsafe-hashes' 'self' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI='; style-src https: 'report-sample' 'self' 'unsafe-inline' 'unsafe-hashes' *.estimateone.com *.appcues.com *.appcues.net fonts.googleapis.com; img-src https: 'self' data: blob: *.estimateone.com http://media.estimateone.com *.appcues.com *.appcues.net rs.fullstory.com s3-ap-southeast-2.amazonaws.com secure.gravatar.com track.customer.io www.google.com www.google.com.au www.googletagmanager.com www.facebook.com px.ads.linkedin.com; connect-src https: 'self' *.estimateone.com *.browser-intake-datadoghq.com *.appcues.com *.appcues.net analytics.google.com api.amplitude.com api.segment.io cdn.segment.com e1-projects-prod-apse2-scope-documents.s3.ap-southeast-2.amazonaws.com edge.fullstory.com maps.googleapis.com maps.googleapis.com o6032.ingest.sentry.io rs.fullstory.com wss://*.appcues.com wss://*.appcues.net www.google-analytics.com www.google.com.au ad.doubleclick.net; font-src https: 'self' data: *.estimateone.com fonts.gstatic.com; frame-src https: 'self' blob: player.vimeo.com *.appcues.com;; manifest-src https: 'self' *.estimateone.com; object-src https: 'self' *.estimateone.com https://s3.ap-southeast-2.amazonaws.com/e1-profiles-dev-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-prod-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-stage-apse2-company-logo; worker-src 'self' blob:; child-src blob:; media-src https: 'self' data: *.estimateone.com ssl.gstatic.com; base-uri 'self'; report-uri https://o6032.ingest.sentry.io/api/4505786344538112/security/?sentry_key=089f1a7fc522dc44d241b578244de7ba; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 01 Mar 2024 02:53:02 GMT
expires
Fri, 01 Mar 2024 02:53:02 GMT
p3p
CP="EstimateOne does not have a P3P policy"
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-id
FR4-S9d9tkdxyAsz-q_x-1tn6JTuoe138sgf2-ERE8l-U2X2myCwrg==
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-security-policy
default-src 'none'; frame-ancestors https: 'self' *.estimateone.com ; script-src https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'nonce-651cf9bb17b6a57bb7aa13b88b0074db' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic' *.estimateone.com *.appcues.com *.appcues.net assets.customer.io cdn.amplitude.com cdn.segment.com fonts.googleapis.com maps.googleapis.com www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net snap.licdn.com; script-src-elem https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-651cf9bb17b6a57bb7aa13b88b0074db' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic'; script-src-attr 'report-sample' 'unsafe-hashes' 'self' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI='; style-src https: 'report-sample' 'self' 'unsafe-inline' 'unsafe-hashes' *.estimateone.com *.appcues.com *.appcues.net fonts.googleapis.com; img-src https: 'self' data: blob: *.estimateone.com http://media.estimateone.com *.appcues.com *.appcues.net rs.fullstory.com s3-ap-southeast-2.amazonaws.com secure.gravatar.com track.customer.io www.google.com www.google.com.au www.googletagmanager.com www.facebook.com px.ads.linkedin.com; connect-src https: 'self' *.estimateone.com *.browser-intake-datadoghq.com *.appcues.com *.appcues.net analytics.google.com api.amplitude.com api.segment.io cdn.segment.com e1-projects-prod-apse2-scope-documents.s3.ap-southeast-2.amazonaws.com edge.fullstory.com maps.googleapis.com maps.googleapis.com o6032.ingest.sentry.io rs.fullstory.com wss://*.appcues.com wss://*.appcues.net www.google-analytics.com www.google.com.au ad.doubleclick.net; font-src https: 'self' data: *.estimateone.com fonts.gstatic.com; frame-src https: 'self' blob: player.vimeo.com *.appcues.com;; manifest-src https: 'self' *.estimateone.com; object-src https: 'self' *.estimateone.com https://s3.ap-southeast-2.amazonaws.com/e1-profiles-dev-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-prod-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-stage-apse2-company-logo; worker-src 'self' blob:; child-src blob:; media-src https: 'self' data: *.estimateone.com ssl.gstatic.com; base-uri 'self'; report-uri https://o6032.ingest.sentry.io/api/4505786344538112/security/?sentry_key=089f1a7fc522dc44d241b578244de7ba; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 01 Mar 2024 02:53:02 GMT
expires
Fri, 01 Mar 2024 02:53:02 GMT
location
https://app.estimateone.com/auth/login
p3p
CP="EstimateOne does not have a P3P policy"
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-id
-LeA6m4Bu6W_yNnwGgZpGBiCeySj5y79yXH3HbZxTzIztuc4SeQt-g==
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
1; mode=block
vendor-base-f67d5fac8b0201029f11.css
assets.syd.estimateone.com/release/57021/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/vendor-base-f67d5fac8b0201029f11.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48ba109395a3627a6ef40b8980429f6a69d19f3cfbffc320c16d76c41a3fbe45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"1e809e26715d77780d9404752354aef2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
_LMXiNdZFSTzTqFyMQ8fVafEs4C_lViob88Gizr4Ehce6oY_5Z4gBQ==
vendor-9d0a4ac021f6aca7c6b1.css
assets.syd.estimateone.com/release/57021/css/
1016 B
985 B
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/vendor-9d0a4ac021f6aca7c6b1.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451a99b19305a9f4ea693867bcdb4cf883dfb611255fa833da55f552eba8908f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"8a9f3a12dfb5c6c0a6dfd114593ad6a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
h6ze3AcSxeAGvyXPtemW-mADWXCSN2om4cb9CWnbqS4SDXh2g1UYqg==
common-50aae0f6b22cc68c1e3c.css
assets.syd.estimateone.com/release/57021/css/
241 KB
38 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/common-50aae0f6b22cc68c1e3c.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd6bc09c3716a35277f6b163169ad15cf35557f60b2972d96db7154048e313a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:27 GMT
server
AmazonS3
etag
W/"e7b2b5edbc7094faa43a2d400755e725"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
MI2Ko6Z9kzdbCdMXWaAu68EMG6eu2AnomPPtRcJUEvyiHnOKaRzNBg==
app-63b94001f2e3635377c1.css
assets.syd.estimateone.com/release/57021/css/
1 MB
143 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/app-63b94001f2e3635377c1.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d803d3534064f3ed0e74bc64ec88ab697337457a29ce27c094c7804d08a88313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:27 GMT
server
AmazonS3
etag
W/"2ec3bc522e0a1c31cffcdc5c9b355af1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
_BIkitOaq37o324qpBtRFOZ-lShgRwD2PO_WNHflUbgmBSeJzXM1PQ==
subbie-react-e396c784684ee4b352a1.css
assets.syd.estimateone.com/release/57021/css/
196 KB
40 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/subbie-react-e396c784684ee4b352a1.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ada1e582685a9e9876ea3580b97e31592f30bbcbc0b3ffa8d0955214c0c362a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"a8d3649a43224f5eb29e8153d6090cfd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
8HWhXnxzKskziA2dAbRJyALgs2hQq-QkW_1CJ8tto6DwmNSx9rBiww==
subbie-licence-page-react-904a6b3387001d2ca99a.css
assets.syd.estimateone.com/release/57021/css/
110 KB
20 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/subbie-licence-page-react-904a6b3387001d2ca99a.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c3a3d15dce3d14552da0c6910a0ccd8144a1d030a658d07f17b8056343ed39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"a0828dd94e88b531cdc9f867228f5ea2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
QH0s0810GY9IxIvyn4LW272W-q8Ke4Cx7-tU9FXeXFRMsiOr-X0qCQ==
quotes-react-4ad9576980cf9584fd9d.css
assets.syd.estimateone.com/release/57021/css/
36 KB
8 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/quotes-react-4ad9576980cf9584fd9d.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28b587505b5c1618186c50f3544e098eaef954857036e4d83e301956225a69cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:27 GMT
server
AmazonS3
etag
W/"1eae9c5b394ec1a8bd769f1524714bc9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
ljq-gElCl3ga20mKCxUjvjj6Ikr-nMMahefN9-3tZSItEX8phr6cow==
subbie-coversheets-react-2471e28cae689b2e3945.css
assets.syd.estimateone.com/release/57021/css/
106 KB
20 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/subbie-coversheets-react-2471e28cae689b2e3945.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
062630e00f2528cf5188cd0cbdafb986853dfec2618374d92439fd4d65f5d932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"b8b2b2777222e9ccfe2b2e92713557e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
NCYfR9xCLGoPk7c4NDNwNpbw-ok8fO16O3TxCGmP7EnqfszeVpfDpA==
builder-subbie-network-86301137eac12ac82898.css
assets.syd.estimateone.com/release/57021/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/builder-subbie-network-86301137eac12ac82898.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80d3476601b917893a5bf9b1ebd804e7bc6292cb822633d0f1ee147ccdbc1be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:27 GMT
server
AmazonS3
etag
W/"4865304f38dadd902bf26fc8a8cde87d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
f6xt3a7e1b5BScQ8dXXQSQDKckz8dz-lD3WZIk87xa_MdrAUzBDjMg==
builder-react-09287e06ee7b609fdec1.css
assets.syd.estimateone.com/release/57021/css/
314 KB
62 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/builder-react-09287e06ee7b609fdec1.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1359fba2a159e2a67b2547e8ff702258258f9edc5b1a2c1dd856807e9613515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:27 GMT
server
AmazonS3
etag
W/"c716a5e119f18f7fdfd60eea79ae4f6c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
brhiJCjuOp4R3btlZlYzS0nOP68fN3eEAKOYVKoLs9D0Uult-zSzPw==
supplier-insights-react-6f7a548e9a278b228c98.css
assets.syd.estimateone.com/release/57021/css/
145 KB
26 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/supplier-insights-react-6f7a548e9a278b228c98.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30ac38519528464e663dd5889860951ca820d0f683e6ee32ec071d9704fe1fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"644b756d19c182a421762fd51af6a12c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
Yu307M1FZxJgSekYKcwX9fWX94gXYAWvvFoNa0PxJ6W9kiSzLDCqZQ==
specifinder-react-7bc7980a39cd1f501f76.css
assets.syd.estimateone.com/release/57021/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://assets.syd.estimateone.com/release/57021/css/specifinder-react-7bc7980a39cd1f501f76.css
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3292d1b6cc60ec5db24657c3f4f3e741b0ccff42bcb2693bbe47e8ee805b47bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
W/"b50bd84fc5f4f2ef18f369c5c93b0a32"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
BrKZ_g1fH3BEdQSFORTOCO4XjrN-8ajcwEW2fhfjESJhPT-voa0Szg==
EstimateOne_DARK_nopadding.png
assets.syd.estimateone.com/release/57021/images/
10 KB
11 KB
Image
General
Full URL
https://assets.syd.estimateone.com/release/57021/images/EstimateOne_DARK_nopadding.png
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e63b50c29fe3ec0edb6c9856d12ec73953f6678cee6139ddd2f5a6f3ef3d6c2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:53:04 GMT
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
10256
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
"817fc623af50ccc8bbd933e6dcb11e67"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
F5WiAKCb2auSrhIT15WZhNww9gGCDjPAAnDjaKa7Cp0mkj0PtCTEZw==
Welcome-02.png
assets.syd.estimateone.com/release/57021/images/
22 KB
22 KB
Image
General
Full URL
https://assets.syd.estimateone.com/release/57021/images/Welcome-02.png
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b19bdf6596785d1f4930f527386e8b1fb6eb7e122eaf42f58d6a9bc241375d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:53:04 GMT
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
22125
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:28 GMT
server
AmazonS3
etag
"04dcb52a2de5011ba95ed2c22de219bd"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
7KWEYjlWExj5xtRgr6j1W-0Y55UwY-XYZGQTvWknTBDPz3n2aSpTRA==
js
maps.googleapis.com/maps/api/
224 KB
74 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyCxRNPojkGQCZBGR7Ue7ZUbskl7FSq6mbY&callback=Function.prototype
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
970fe6c47b801a7f478c074dbf36659b08043cb0ba1c09e86902124f601607b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75665
x-xss-protection
0
manifest-d420c6a0ed.js
assets.syd.estimateone.com/release/57021/js/
6 KB
3 KB
Script
General
Full URL
https://assets.syd.estimateone.com/release/57021/js/manifest-d420c6a0ed.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6fc1668de127aa03cadce543d260201b8fbc65425d48b962a6ec37936af660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:30 GMT
server
AmazonS3
etag
W/"de15d8cc18d86e96591feef790f43337"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
KxHgnZiETsAg1q9RuI0Oa48mKoUcvaENV38ZRXPM43LHzfHCb-w_Lg==
vendor-base-d7469052b3.js
assets.syd.estimateone.com/release/57021/js/
2 MB
470 KB
Script
General
Full URL
https://assets.syd.estimateone.com/release/57021/js/vendor-base-d7469052b3.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ee35bc3050eecfe7bb2783b6446447a2e41dedd216ff34b4462e5ad7e85eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:30 GMT
server
AmazonS3
etag
W/"541a71044c2bcb4b1be2a635ff513655"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
a6MAip9Lih3k6k7q_2ACwIrZgnVz5HxxzMQBWlVKazVmxpzac8zIog==
vendor-21d65d5608.js
assets.syd.estimateone.com/release/57021/js/
192 KB
56 KB
Script
General
Full URL
https://assets.syd.estimateone.com/release/57021/js/vendor-21d65d5608.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393c7ed91473f320b06a94a3a3b73a52ebd8c0187a36dd06a70b9fe4c4449dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:30 GMT
server
AmazonS3
etag
W/"afe890cf98f681a6482adf8a167176b5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
18rCY0jaw0wq2gbenI36kFDPY-p7Ceg5ogRUrXoIheHUbVRVI-WP5g==
common-ee26c7a216.js
assets.syd.estimateone.com/release/57021/js/
4 MB
1 MB
Script
General
Full URL
https://assets.syd.estimateone.com/release/57021/js/common-ee26c7a216.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2583ca6ad81109017a9fe4f20e617bd8f1730c8a191ba4f79b57c0d345f65eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:52:43 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:30 GMT
server
AmazonS3
etag
W/"a77b397213dd54fe3958bd69a5ae329c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
5M3SsduVczUxlSUMwzMFCcO0fu-k8VcPK-c75tuH7PYuwcSC-cMGcA==
login-66e299ed87.js
assets.syd.estimateone.com/release/57021/js/
76 KB
25 KB
Script
General
Full URL
https://assets.syd.estimateone.com/release/57021/js/login-66e299ed87.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92e656da063f94c6ee0a7aff338c4f9260348fdf0ba94e28f2f63c8e7db7f68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:53:04 GMT
content-encoding
gzip
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 02:43:30 GMT
server
AmazonS3
etag
W/"eabef19b2b3edc6379a04d90313d9900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
xXp6fMWyZHBuc9MTkRzBm9GJj6P_DqLvyzRI0q0NzQMuYbpJwqsRzg==
eWAY.min.js
secure.ewaypayments.com/scripts/
12 KB
4 KB
Script
General
Full URL
https://secure.ewaypayments.com/scripts/eWAY.min.js
Requested by
Host: app.estimateone.com
URL: https://app.estimateone.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.149.172 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-149-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fb185ec1c4270a6864edfb2d526c8e58016cc772a588432120540470bbc3715
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Fri, 01 Mar 2024 02:53:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 05 Feb 2024 03:02:50 GMT
Server
ETag
"029a0cddf57da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4076
X-XSS-Protection
1; mode=block
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
359 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyCxRNPojkGQCZBGR7Ue7ZUbskl7FSq6mbY&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://app.estimateone.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 02:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.estimateone.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| global object| webpackChunke1_ascension function| Uv function| jv function| xl function| clearImmediate function| setImmediate function| $ function| jQuery function| SearchIndex object| regeneratorRuntime function| segmentGroupCall function| sentryFsIntegration object| Sentry object| E1FS function| initialiseTracking boolean| isIENonSupported object| eWAYUtils function| fieldEvent function| secureField object| eWAY function| docReady object| ewayVars object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| analyticsService

2 Cookies

Domain/Path Name / Value
app.estimateone.com/ Name: PHPSESSID
Value: 0uc7st473h4o8rkub0mj0gu2ue
app.estimateone.com/ Name: device_view
Value: full

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-ancestors https: 'self' *.estimateone.com ; script-src https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic' *.estimateone.com *.appcues.com *.appcues.net assets.customer.io cdn.amplitude.com cdn.segment.com fonts.googleapis.com maps.googleapis.com www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net snap.licdn.com; script-src-elem https: 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-1f470f1e56d1e22a4c06ac167b871379' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI=' 'strict-dynamic'; script-src-attr 'report-sample' 'unsafe-hashes' 'self' 'sha256-DrY3Kth66fqFUfYO58aRiAHhiFXiGvI99C9GG19khG4=' 'sha256-g2h72H6PuhO/03N2efOe8vZC7F3y+7SVfjRIrSGGvlM=' 'sha256-9Z5fNKlBGDqsrtJTIqwIVmKEk8LP2Tbe0/3cCklRDlI='; style-src https: 'report-sample' 'self' 'unsafe-inline' 'unsafe-hashes' *.estimateone.com *.appcues.com *.appcues.net fonts.googleapis.com; img-src https: 'self' data: blob: *.estimateone.com http://media.estimateone.com *.appcues.com *.appcues.net rs.fullstory.com s3-ap-southeast-2.amazonaws.com secure.gravatar.com track.customer.io www.google.com www.google.com.au www.googletagmanager.com www.facebook.com px.ads.linkedin.com; connect-src https: 'self' *.estimateone.com *.browser-intake-datadoghq.com *.appcues.com *.appcues.net analytics.google.com api.amplitude.com api.segment.io cdn.segment.com e1-projects-prod-apse2-scope-documents.s3.ap-southeast-2.amazonaws.com edge.fullstory.com maps.googleapis.com maps.googleapis.com o6032.ingest.sentry.io rs.fullstory.com wss://*.appcues.com wss://*.appcues.net www.google-analytics.com www.google.com.au ad.doubleclick.net; font-src https: 'self' data: *.estimateone.com fonts.gstatic.com; frame-src https: 'self' blob: player.vimeo.com *.appcues.com;; manifest-src https: 'self' *.estimateone.com; object-src https: 'self' *.estimateone.com https://s3.ap-southeast-2.amazonaws.com/e1-profiles-dev-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-prod-apse2-company-logo https://s3.ap-southeast-2.amazonaws.com/e1-profiles-stage-apse2-company-logo; worker-src 'self' blob:; child-src blob:; media-src https: 'self' data: *.estimateone.com ssl.gstatic.com; base-uri 'self'; report-uri https://o6032.ingest.sentry.io/api/4505786344538112/security/?sentry_key=089f1a7fc522dc44d241b578244de7ba; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.estimateone.com
assets.syd.estimateone.com
maps.googleapis.com
secure.ewaypayments.com
13.224.181.98
172.217.167.74
18.67.111.92
23.77.149.172
062630e00f2528cf5188cd0cbdafb986853dfec2618374d92439fd4d65f5d932
0c3a3d15dce3d14552da0c6910a0ccd8144a1d030a658d07f17b8056343ed39c
136774e43d06aa55760b996174a7d7aea79dc7331867bc293da932a24178d69f
1ee35bc3050eecfe7bb2783b6446447a2e41dedd216ff34b4462e5ad7e85eae2
2583ca6ad81109017a9fe4f20e617bd8f1730c8a191ba4f79b57c0d345f65eac
28b587505b5c1618186c50f3544e098eaef954857036e4d83e301956225a69cf
30ac38519528464e663dd5889860951ca820d0f683e6ee32ec071d9704fe1fb7
3292d1b6cc60ec5db24657c3f4f3e741b0ccff42bcb2693bbe47e8ee805b47bc
393c7ed91473f320b06a94a3a3b73a52ebd8c0187a36dd06a70b9fe4c4449dd5
451a99b19305a9f4ea693867bcdb4cf883dfb611255fa833da55f552eba8908f
48ba109395a3627a6ef40b8980429f6a69d19f3cfbffc320c16d76c41a3fbe45
5fb185ec1c4270a6864edfb2d526c8e58016cc772a588432120540470bbc3715
80d3476601b917893a5bf9b1ebd804e7bc6292cb822633d0f1ee147ccdbc1be6
92e656da063f94c6ee0a7aff338c4f9260348fdf0ba94e28f2f63c8e7db7f68d
970fe6c47b801a7f478c074dbf36659b08043cb0ba1c09e86902124f601607b2
9b19bdf6596785d1f4930f527386e8b1fb6eb7e122eaf42f58d6a9bc241375d8
ada1e582685a9e9876ea3580b97e31592f30bbcbc0b3ffa8d0955214c0c362a4
ba6fc1668de127aa03cadce543d260201b8fbc65425d48b962a6ec37936af660
bd6bc09c3716a35277f6b163169ad15cf35557f60b2972d96db7154048e313a1
c1359fba2a159e2a67b2547e8ff702258258f9edc5b1a2c1dd856807e9613515
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d803d3534064f3ed0e74bc64ec88ab697337457a29ce27c094c7804d08a88313
e63b50c29fe3ec0edb6c9856d12ec73953f6678cee6139ddd2f5a6f3ef3d6c2b