40hicks.com Open in urlscan Pro
52.147.15.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://40hicks.com/
Submission: On December 13 via api (December 13th 2024, 9:51:04 am UTC) from US — Scanned from AU

Summary HTTP 56 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 56 HTTP transactions. The main IP is 52.147.15.202, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 40hicks.com.
TLS certificate: Issued by R11 on November 13th 2024. Valid for: 3 months.

This is the only time 40hicks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.147.15.202 52.147.15.202	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	20.53.95.194 20.53.95.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	108.158.29.68 108.158.29.68	16509 (AMAZON-02) (AMAZON-02)
3	142.250.193.110 142.250.193.110	15169 (GOOGLE) (GOOGLE)
2	142.250.67.78 142.250.67.78	15169 (GOOGLE) (GOOGLE)
2	142.250.196.170 142.250.196.170	15169 (GOOGLE) (GOOGLE)
1	52.156.169.167 52.156.169.167	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.195.35 142.250.195.35	15169 (GOOGLE) (GOOGLE)
4	142.250.193.100 142.250.193.100	15169 (GOOGLE) (GOOGLE)
1	20.193.7.105 20.193.7.105	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.195.200 142.250.195.200	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	142.250.195.110 142.250.195.110	15169 (GOOGLE) (GOOGLE)
1	142.250.195.162 142.250.195.162	15169 (GOOGLE) (GOOGLE)
2	216.58.200.130 216.58.200.130	15169 (GOOGLE) (GOOGLE)
1	142.250.195.195 142.250.195.195	15169 (GOOGLE) (GOOGLE)
1	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
2	142.250.196.67 142.250.196.67	15169 (GOOGLE) (GOOGLE)
1	52.65.188.110 52.65.188.110	16509 (AMAZON-02) (AMAZON-02)
2	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
56	20

1 52.147.15.202 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

40hicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.53.95.194 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

propertyshowcase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.158.29.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-29-68.syd3.r.cloudfront.net

dylxu3usbmz3z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.193.110 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s24-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: maa05s13-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.170 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s47-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.156.169.167 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

images.campaigntrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.195.35 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s37-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.193.100 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s24-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.193.7.105 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

files.campaigntrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.195.200 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s42-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.195.110 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s39-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.195.162 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s41-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.200.130 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s10-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.195.195 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s42-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.67 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s46-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.65.188.110 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-188-110.ap-southeast-2.compute.amazonaws.com

mmmuq2ygw2.ap-southeast-2.awsapprunner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	propertyshowcase.com propertyshowcase.com	293 KB
8	cloudfront.net dylxu3usbmz3z.cloudfront.net	1007 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	114 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	322 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	366 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 30241	127 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	154 KB
2	campaigntrack.com images.campaigntrack.com files.campaigntrack.com	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	12 KB
1	awsapprunner.com mmmuq2ygw2.ap-southeast-2.awsapprunner.com — Cisco Umbrella Rank: 522745	520 B
1	40hicks.com 40hicks.com	20 KB
56	15

	Domain	Requested by
12	propertyshowcase.com	40hicks.com propertyshowcase.com
8	dylxu3usbmz3z.cloudfront.net	40hicks.com
4	www.googletagmanager.com	40hicks.com www.googletagmanager.com
4	www.google.com	40hicks.com www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	40hicks.com
2	www.google.com.au	40hicks.com
2	td.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	40hicks.com connect.facebook.net
2	fonts.googleapis.com	propertyshowcase.com
2	www.youtube.com	40hicks.com www.youtube.com
2	apis.google.com	40hicks.com apis.google.com
1	mmmuq2ygw2.ap-southeast-2.awsapprunner.com	connect.facebook.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	files.campaigntrack.com	40hicks.com
1	images.campaigntrack.com	40hicks.com
1	40hicks.com
56	21

This site contains links to these domains. Also see Links.

Domain
www.harcourtswellington.co.nz
www.linkedin.com
twitter.com
www.facebook.com
api.whatsapp.com
www.realbase.io
teamharcourts.co.nz
www.campaigntrack.com

Subject Issuer	Validity	Valid
www.40hicks.com R11	`2024-11-13` - `2025-02-11`	3 months	crt.sh
campaigntrack.com Thawte TLS RSA CA G1	`2024-04-12` - `2025-05-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.apis.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-22` - `2024-12-21`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com.au WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.ap-southeast-2.awsapprunner.com Amazon RSA 2048 M03	`2024-08-28` - `2025-09-27`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://40hicks.com/
Frame ID: D423C1F66B60FC9632916205362B1651
Requests: 52 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyB-B9Zh_JHxjB_xNiyiuzsIOS6Gi1DD2SA&q=%20+%2040%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20%205036%2C%20New%20Zealand
Frame ID: 1202627845CFD5D29EF97C4B3A2008F6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2F40hicks.com
Frame ID: 9094F7D504D4353CBF204517D4D05148
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/929776688?random=1734083456614&cv=11&fst=1734083456614&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v880085321z871499767za201zb71499767&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2F40hicks.com%2F&hn=www.googleadservices.com&frm=0&tiba=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&npa=0&pscdl=noapi&auid=1363326249.1734083456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 7683D055E34EE321B25D39F333E1E8D2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-JY8YG1XGT5&gacid=221547258.1734083457&gtm=45je4cb0v897071167z871499767za200zb71499767&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=702132160
Frame ID: F0A15D48D68F70EE9A479959505F58A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

40 Hicks Crescent , Waikanae Beach - 4 Bed House - Auction

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

56
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

2345 kB
Transfer

4893 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.harcourtswellington.co.nz/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=http://propertyshowcase.com/40hickscrescent/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http://propertyshowcase.com/40hickscrescent/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http://propertyshowcase.com/40hickscrescent/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?app_id=1720939401545281&redirect_uri=https://www.40hicks.com&link=www.40hicks.com
Title: Messenger

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.40hicks.com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.40hicks.com
Title: Whatsapp

Search URL Search Domain Scan URL

URL: http://www.realbase.io/
Title: Realbase Group

Search URL Search Domain Scan URL

URL: https://www.realbase.io/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.facebook.com/dialog/send?app_id=1720939401545281&redirect_uri=https://www.40hicks.com&link=www.40hicks.com
Title: Messenger

Search URL Search Domain Scan URL

URL: http://teamharcourts.co.nz/
Title: see more properties

Search URL Search Domain Scan URL

URL: http://www.campaigntrack.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
40hicks.com/ 95 KB
20 KB 232ms
50ms Document
text/html 52.147.15.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.147.15.202 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7177fb193a8752104a9e391433d1bd23177841186fa184654f5bc0df98f18314

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20223
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Dec 2024 09:50:54 GMT
Keep-Alive: timeout=5, max=100
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK design-base.css
propertyshowcase.com/content/property/designs/1/styles/css/ 254 KB
41 KB 23ms
9ms Stylesheet
text/css 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 52b3900ef333a2a8928fa6e9ee3b3d367c6050205da6787d08435c0d794ab6d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Content-Encoding: gzip
ETag: "0d74c53aefd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 41931
Date: Fri, 13 Dec 2024 09:50:54 GMT
Content-Type: text/css
Last-Modified: Thu, 03 Nov 2022 04:14:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK design-desktop.css
propertyshowcase.com/content/property/designs/1/styles/css/ 41 KB
10 KB 45ms
33ms Stylesheet
text/css 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-desktop.css?v=20221103T031430P
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ab218a27e3e7ed51050cac42b7dc5930ab93c6a05236330f41378cb835700d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Content-Encoding: gzip
ETag: "0d74c53aefd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 9363
Date: Fri, 13 Dec 2024 09:50:54 GMT
Content-Type: text/css
Last-Modified: Thu, 03 Nov 2022 04:14:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK header-gradient-logo-white.css
propertyshowcase.com/content/property/designs/1/styles/css/ 2 KB
1 KB 55ms
43ms Stylesheet
text/css 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/styles/css/header-gradient-logo-white.css
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02ab1f00dbfc53771e0e8167050beb2fbb9ca55b903449c45d526479b1aa573f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Content-Encoding: gzip
ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 605
Date: Fri, 13 Dec 2024 09:50:54 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK style34.css
propertyshowcase.com/content/property/designs/1/overrides/default/styles/ 6 KB
2 KB 25ms
13ms Stylesheet
text/css 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/overrides/default/styles/style34.css?v=20241211T120354P
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a9e3a0d21922a0a8445b1e4b2c5a4e277a0065f1fd349bd06f41bd41a407b388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Content-Encoding: gzip
ETag: "f4fbb88c684bdb1:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1712
Date: Fri, 13 Dec 2024 09:50:54 GMT
Content-Type: text/css
Last-Modified: Wed, 11 Dec 2024 01:03:54 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 57555608crop1600x1000.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 292 KB
293 KB 21ms
7ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555608crop1600x1000.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b600afa44bd30d68a98d71a1f34528ee3e7f3ed62754c899cc0240d32f147322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2112582
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Tue, 18 Nov 2025 23:01:12 GMT
x-cache: Hit from cloudfront
content-length: 298938
x-amz-cf-id: f_M7jghYSbDx6osznzqvrxTyIk2nIYt7cvqNaI-5N14STD9d3eTF6g==
date: Mon, 18 Nov 2024 23:01:12 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H/1.1 200
OK bundled.js Show response
propertyshowcase.com/content/property/designs/1/scripts/dist/ 280 KB
111 KB 112ms
99ms Script
application/javascript 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/scripts/dist/bundled.js
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0cd1fdf3a3d9e233dd2ca09af2ae11295ba9d6f1cc185f67dfe127ee4b61d4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "01519b93aefd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Fri, 13 Dec 2024 09:50:54 GMT
Content-Type: application/javascript
Last-Modified: Thu, 03 Nov 2022 04:14:10 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 client.js Show response
apis.google.com/js/ 14 KB
6 KB 628ms
293ms Script
text/javascript 142.250.193.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.193.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s24-in-f14.1e100.net

Software

sffe /

Resource Hash

2e3fddda895ee9813b9f8bc03bda37753a46fc949197e706a2b74a4d6cd7273e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
etag: "c8ff90505dc2d690"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 09:50:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:55 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5774
x-xss-protection: 0
server: sffe

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 605ms
314ms Script
text/javascript 142.250.67.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s13-in-f14.1e100.net

Software

ESF /

Resource Hash

f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Fri, 13 Dec 2024 09:50:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
date: Fri, 13 Dec 2024 09:50:55 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 586ms
297ms Stylesheet
text/css 142.250.196.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s47-in-f10.1e100.net

Software

ESF /

Resource Hash

9c143b0d49c00d71de9414d8461e0c25b400fcff8fa9c7386ecc10d64a69b309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://propertyshowcase.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 09:50:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 08:06:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 3 KB
552 B 830ms
541ms Stylesheet
text/css 142.250.196.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

Requested by

Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s47-in-f10.1e100.net

Software

ESF /

Resource Hash

78a9a05fa9772c82fb10d053a5ed4ab56546b3e60e56844f0f47dbd12c927016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://propertyshowcase.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 09:50:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 08:05:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 57555608crop991x645.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 128 KB
129 KB 6ms
6ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555608crop991x645.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be593ad8d3c6387a4c49d59a468db46cc42f36a5c6e4b7cc946948dd2b385c10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2517529
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Fri, 14 Nov 2025 06:32:06 GMT
x-cache: Hit from cloudfront
content-length: 131290
x-amz-cf-id: S-BcN6eB2gErB6xI5DNyWKkBiu4WVLK2s_OYVkV4b0pSV6hiYZHepA==
date: Thu, 14 Nov 2024 06:32:05 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H/1.1 200
OK user-default.jpg
propertyshowcase.com/content/property/designs/1/images/ 3 KB
4 KB 15ms
14ms Image
image/jpeg 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://propertyshowcase.com/content/property/designs/1/images/user-default.jpg
Requested by: Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b188f00addb9857579c89f9eb41d2594295c8297ed767c04d3801458c9d7b023

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3289
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK 53296187box300x300.jpg
images.campaigntrack.com/ctimage/377215116410478037296027314428/ 10 KB
10 KB 59ms
28ms Image
image/jpeg 52.156.169.167
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.campaigntrack.com/ctimage/377215116410478037296027314428/53296187box300x300.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.156.169.167 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 338bd3b943dff542ec209e94c3974ea4ad446d80d76d5d3613fae3b3f6f5e803

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

Cache-Control: public
X-AspNet-Version: 4.0.30319
Expires: Sat, 13 Dec 2025 09:50:55 GMT
Content-Length: 10155
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: image/jpeg
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 304ms
132ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://fonts.googleapis.com/

Response headers

age: 131062
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 21:26:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 21:26:33 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK Stroke-Gap-Icons.ttf
propertyshowcase.com/content/property/designs/1/fonts/ 43 KB
44 KB 29ms
13ms Font
application/octet-stream 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/fonts/Stroke-Gap-Icons.ttf?qwjm2e
Requested by: Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8499c4527661f65886e365fdbaba0cabbddaced9fc2c1af4c6b04c9bbe74422c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 44280
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: application/octet-stream
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK fontawesome-webfont.woff2
propertyshowcase.com/content/property/designs/1/fonts/ 69 KB
70 KB 26ms
9ms Font
application/font-woff2 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 70728
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: application/font-woff2
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 407ms
235ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://fonts.googleapis.com/

Response headers

age: 15007
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 05:40:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 05:40:48 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 310ms
139ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://fonts.googleapis.com/

Response headers

age: 118704
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 00:52:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 00:52:31 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 359ms
188ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://fonts.googleapis.com/

Response headers

age: 167663
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 11:16:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 11:16:32 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 place
www.google.com/maps/embed/v1/ Frame 1202 0
0 733ms
472ms Document
text/html 142.250.193.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyB-B9Zh_JHxjB_xNiyiuzsIOS6Gi1DD2SA&q=%20+%2040%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20%205036%2C%20New%20Zealand

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.193.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s24-in-f4.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-nxaYyoBQgU5e5tG-TSrvkA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40hicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 984
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-nxaYyoBQgU5e5tG-TSrvkA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 13 Dec 2024 09:50:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 MicroSiteLogo_20160520124935220.png
files.campaigntrack.com/AppFiles/ClientImage/ 20 KB
21 KB 53ms
30ms Image
image/png 20.193.7.105
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.campaigntrack.com/AppFiles/ClientImage/MicroSiteLogo_20160520124935220.png
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.193.7.105 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3e0f0ded782de3dfda828e1f93240c85ae2a516ccbd5cc2ac86984a7982ae4c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

etag: "e0aa184442b2d11:0"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://live.campaigntrack.com
content-length: 20803
date: Fri, 13 Dec 2024 09:50:55 GMT
content-type: image/png
last-modified: Fri, 20 May 2016 02:49:45 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 57555608crop200x150.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 9 KB
9 KB 12ms
7ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555608crop200x150.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c88ede6cde1c13c86348555588926e299edb1ad1e3f4430a32058cdc0e2cc6b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2517786
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Fri, 14 Nov 2025 06:27:49 GMT
x-cache: Hit from cloudfront
content-length: 9255
x-amz-cf-id: hv8ep_asARsLdWX-MO1sVAxJ3en3t2YpvzGHbWVnifgdOcyaJaOz5A==
date: Thu, 14 Nov 2024 06:27:49 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H2 200 57555606crop200x150.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 11 KB
11 KB 14ms
9ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555606crop200x150.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7bf3bfa26fc3234f68b3b5dce82859948ba151946bcf39e37f9a22f1a5e44b57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2428991
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Sat, 15 Nov 2025 07:07:44 GMT
x-cache: Hit from cloudfront
content-length: 11313
x-amz-cf-id: lR_mBk8XextWJZe5bpseCI70O2m-Mt7KV82rGKFp-zg8pB6Dp5U_Vw==
date: Fri, 15 Nov 2024 07:07:43 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H2 200 57555607crop200x150.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 11 KB
12 KB 15ms
10ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555607crop200x150.jpg
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43ed485d768c1ec52139f7f3cbeaecbd50188395bac3f95d5a929abaf344e6fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2428991
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Sat, 15 Nov 2025 07:07:44 GMT
x-cache: Hit from cloudfront
content-length: 11426
x-amz-cf-id: Ro7KuJckYyE3twUb6HDrsd9VkGmfMfo00Qp24P6GI1pbUKQnQBwLKg==
date: Fri, 15 Nov 2024 07:07:43 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H/1.1 200
OK campaigntrack-logo-white.png
propertyshowcase.com/content/property/designs/1/images/ 4 KB
4 KB 16ms
13ms Image
image/png 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://propertyshowcase.com/content/property/designs/1/images/campaigntrack-logo-white.png
Requested by: Host: 40hicks.com
URL: https://40hicks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bf0df15d50f364420aa23d1ed2058f3ff006d1df433db34a2513c544bebad6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3662
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 432 KB
130 KB 593ms
296ms Script
application/javascript 142.250.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

55e6fbd8ab3e09e25dc9b65f409cbea724ea398421488778a390a116ec6b32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 13 Dec 2024 09:50:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 13 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132291
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ajax-loader.gif
propertyshowcase.com/content/property/designs/1/images/ 4 KB
4 KB 9ms
6ms Image
image/gif 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://propertyshowcase.com/content/property/designs/1/images/ajax-loader.gif
Requested by: Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 480f5e86198e1ac52312cc345faf38720bb2e301eb626e8a6f637f546e131c32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 4133
Date: Fri, 13 Dec 2024 09:50:55 GMT
Content-Type: image/gif
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/ 314 KB
107 KB 179ms
179ms Script
text/javascript 142.250.193.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.193.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s24-in-f14.1e100.net

Software

sffe /

Resource Hash

0f0ba04c61af50fc026908c7024d0b963f375b8b652a48a27e2833edda1bcb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
age: 275150
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 05:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 05:25:05 GMT
last-modified: Mon, 11 Nov 2024 18:50:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108953
x-xss-protection: 0
server: sffe

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/ 30 KB
10 KB 199ms
198ms Script
text/javascript 142.250.67.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s13-in-f14.1e100.net

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: br
age: 177949
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 08:25:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 08:25:06 GMT
last-modified: Wed, 11 Dec 2024 05:16:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 415ms
161ms Ping
text/plain 142.250.193.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F40hicks.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=865442211.1734083456&auid=1363326249.1734083456&navt=n&npa=0&gtm=45He4cb0v71499767za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734083456178&tfd=2165&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.193.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa05s24-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 432 KB
137 KB 297ms
294ms Script
application/javascript 142.250.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JY8YG1XGT5&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6423f1cd9ae1863b20e454e70e74965671e1f22a3e6738e689d96a943589b502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 13 Dec 2024 09:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 139600
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 290 KB
99 KB 259ms
258ms Script
application/javascript 142.250.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-929776688&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

59750f35f284d61f219fa49f651b6d350eccbaf01307686f4f3e452810caceb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 13 Dec 2024 09:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 13 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101280
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 25ms
5ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-owZsc3RQ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 09:50:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-owZsc3RQ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4560, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: dCdD1FOLBshwAZwhbwpyD31jYh58TCsJItFea88e7+lw0Hjph4y1wX5/J0ztMz1DkOb1mN8h6BZHiVw+gY/w/Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 405ms
165ms Script
text/javascript 142.250.193.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LctEVIpAAAAAKrsBfQOqQMypBhs5P_hz9yBSlXU

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.193.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s24-in-f4.1e100.net

Software

ESF /

Resource Hash

652e8677aec33767d2a5f229384f79b4f526104bf7e94d7d258070f94743c3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 09:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 13 Dec 2024 09:50:56 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 9094 0
0 571ms
257ms Document
text/html 142.250.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2F40hicks.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Dec 2024 09:50:56 GMT
expires: Sat, 13 Dec 2025 09:50:56 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 571ms
250ms Script
text/javascript 142.250.195.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8DZFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
age: 4817
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 10:30:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 08:30:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 121884184922343 Show response
connect.facebook.net/signals/config/ 297 KB
93 KB 1142ms
1142ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121884184922343?v=2.9.178&r=stable&domain=40hicks.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a55af9ffdcc1fab4e930d169228dcc0bf26f9cf1846e073a1fd40c63548dfec2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-cAHXhp9r' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 09:50:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-cAHXhp9r' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=77, mss=1232, tbw=71206, tp=69, tpl=0, uplat=1138, ullat=1
pragma: public
x-fb-debug: 4nMX6F0Ar6eGAxS6dHug7boykVebKlxa78qgMElQXCDPAU+taoOQEsTeMikYEtUi9/wmY7e05M0MLR49PLxf7Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/929776688/ 5 KB
2 KB 818ms
564ms Script
text/javascript 142.250.195.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929776688/?random=1734083456614&cv=11&fst=1734083456614&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v880085321z871499767za201zb71499767&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2F40hicks.com%2F&hn=www.googleadservices.com&frm=0&tiba=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&npa=0&pscdl=noapi&auid=1363326249.1734083456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-929776688&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s41-in-f2.1e100.net

Software

cafe /

Resource Hash

d2f31d985701f200397b957b8740ccb5469f33c03cbc6946daf01838cebc547d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2280
date: Fri, 13 Dec 2024 09:50:56 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 929776688
td.doubleclick.net/td/rul/ Frame 7683 0
0 1423ms
1135ms Document
text/html 216.58.200.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/929776688?random=1734083456614&cv=11&fst=1734083456614&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v880085321z871499767za201zb71499767&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2F40hicks.com%2F&hn=www.googleadservices.com&frm=0&tiba=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&npa=0&pscdl=noapi&auid=1363326249.1734083456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-929776688&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.200.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40hicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Dec 2024 09:50:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 566ms
255ms Script
text/javascript 142.250.195.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LctEVIpAAAAAKrsBfQOqQMypBhs5P_hz9yBSlXU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f3.1e100.net

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://40hicks.com/

Response headers

content-encoding: gzip
age: 190398
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 04:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 04:57:39 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

POST
H2 204 collect
analytics.google.com/g/ 0
0 630ms
297ms Fetch
text/plain 142.250.193.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JY8YG1XGT5&gtm=45je4cb0v897071167z871499767za200zb71499767&_p=1734083455231&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=221547258.1734083457&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734083456&sct=1&seg=0&dl=https%3A%2F%2F40hicks.com%2F&dt=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2693
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JY8YG1XGT5&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.193.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa05s24-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://40hicks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
551 B 434ms
230ms Ping
text/plain 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JY8YG1XGT5&cid=221547258.1734083457&gtm=45je4cb0v897071167z871499767za200zb71499767&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JY8YG1XGT5&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://40hicks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:57 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame F0A1 0
0 527ms
317ms Document
text/html 216.58.200.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-JY8YG1XGT5&gacid=221547258.1734083457&gtm=45je4cb0v897071167z871499767za200zb71499767&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=702132160

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JY8YG1XGT5&l=dataLayer&cx=c&gtm=45He4cb0v71499767za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.200.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40hicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Dec 2024 09:50:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 344ms
173ms Image
image/gif 142.250.196.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JY8YG1XGT5&cid=221547258.1734083457&gtm=45je4cb0v897071167z871499767za200zb71499767&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1152355827

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 13 Dec 2024 09:50:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
418 B 246ms
240ms XHR
text/plain 142.250.195.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=819934529&t=pageview&_s=1&dl=https%3A%2F%2F40hicks.com%2F&ul=en-au&de=UTF-8&dt=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1235462529&gjid=786990255&cid=221547258.1734083457&tid=UA-61758358-3&_gid=961731360.1734083457&_r=1&_slc=1&gtm=45He4cb0n71T8DZFZv71499767za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=320280048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.195.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://40hicks.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 09:50:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://40hicks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 /
www.google.com/pagead/1p-user-list/929776688/ 42 B
64 B 165ms
164ms Image
image/gif 142.250.193.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/929776688/?random=1734083456614&cv=11&fst=1734080400000&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v880085321z871499767za201zb71499767&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2F40hicks.com%2F&hn=www.googleadservices.com&frm=0&tiba=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&npa=0&pscdl=noapi&auid=1363326249.1734083456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dgf872sn2tgmzVd4L18yXDQJ9-mJmlA&random=3585336200&rmt_tld=0&ipr=y

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.193.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa05s24-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 13 Dec 2024 09:50:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/929776688/ 42 B
64 B 169ms
169ms Image
image/gif 142.250.196.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/929776688/?random=1734083456614&cv=11&fst=1734080400000&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v880085321z871499767za201zb71499767&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2F40hicks.com%2F&hn=www.googleadservices.com&frm=0&tiba=40%20Hicks%20Crescent%20%2C%20Waikanae%20Beach%20-%204%20Bed%20House%20-%20Auction&npa=0&pscdl=noapi&auid=1363326249.1734083456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dgf872sn2tgmzVd4L18yXDQJ9-mJmlA&random=3585336200&rmt_tld=1&ipr=y

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 13 Dec 2024 09:50:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H/1.1 200
OK fa0c099cdc7c4f805f4d74ee7e6146561227863ca16fa4091f84662a20a20130 Show response
mmmuq2ygw2.ap-southeast-2.awsapprunner.com/events/ 0
520 B 110ms
50ms XHR
text/plain 52.65.188.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mmmuq2ygw2.ap-southeast-2.awsapprunner.com/events/fa0c099cdc7c4f805f4d74ee7e6146561227863ca16fa4091f84662a20a20130
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/121884184922343?v=2.9.178&r=stable&domain=40hicks.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.65.188.110 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-65-188-110.ap-southeast-2.compute.amazonaws.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://40hicks.com/

Response headers

access-control-allow-origin: https://40hicks.com
content-length: 0
date: Fri, 13 Dec 2024 09:50:57 GMT
x-envoy-upstream-service-time: 2
vary: origin
server: envoy
access-control-allow-credentials: true

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 15ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121884184922343&ev=PageView&dl=https%3A%2F%2F40hicks.com%2F&rl=&if=false&ts=1734083457502&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1734083457499.55239544280611706&eid=ob3_plugin-set_9d3fd9fecec4a3a0945d1793bc833e58849cddb5fc8ae9e798e645d103e1fa85&cs_est=true&ler=empty&cdl=API_unavailable&it=1734083456252&coo=false&rqm=GET

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4532, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 13 Dec 2024 09:50:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 299ms
287ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=121884184922343&ev=PageView&dl=https%3A%2F%2F40hicks.com%2F&rl=&if=false&ts=1734083457502&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1734083457499.55239544280611706&eid=ob3_plugin-set_9d3fd9fecec4a3a0945d1793bc833e58849cddb5fc8ae9e798e645d103e1fa85&cs_est=true&ler=empty&cdl=API_unavailable&it=1734083456252&coo=false&rqm=FGET

Requested by

Host: 40hicks.com
URL: https://40hicks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447831738110318919"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x11b4bca375b3c5c4","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["2961275020552042","2831872873539116"]},"debug_reporting":true,"debug_key":"174202563764626107"}
date: Fri, 13 Dec 2024 09:50:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: RnKk9obJKU40ogYBQ25x/BJ4Wy9yEbkuj/acuPRvAuOxZ2B00rf9nxKfjiHLldrZxhf0Fnuahr2r6J2CatnceA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447831738110318919", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4900, tp=13, tpl=0, uplat=283, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK slick.woff
propertyshowcase.com/content/property/designs/1/fonts/ 1 KB
2 KB 13ms
12ms Font
font/x-woff 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/fonts/slick.woff
Requested by: Host: propertyshowcase.com
URL: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://40hicks.com
Referer: https://propertyshowcase.com/content/property/designs/1/styles/css/design-base.css?v=20221103T031430P

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1380
Date: Fri, 13 Dec 2024 09:50:58 GMT
Content-Type: font/x-woff
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 57555606crop1600x1000.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 316 KB
316 KB 9ms
7ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555606crop1600x1000.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a138f1be5acf570e6800d047bfec53b24896335b3ce51e9a1d7c36ce0507b628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2517789
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Fri, 14 Nov 2025 06:27:49 GMT
x-cache: Hit from cloudfront
content-length: 323181
x-amz-cf-id: 1QdXO_Txd5_82aA4SI5efFvBDcnEeSAYI98cLiajevAua5OasX2hvg==
date: Thu, 14 Nov 2024 06:27:49 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H2 200 57555608crop1600x1000.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 292 KB
0 1ms
1ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555608crop1600x1000.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b600afa44bd30d68a98d71a1f34528ee3e7f3ed62754c899cc0240d32f147322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2112582
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Tue, 18 Nov 2025 23:01:12 GMT
x-cache: Hit from cloudfront
content-length: 298938
x-amz-cf-id: f_M7jghYSbDx6osznzqvrxTyIk2nIYt7cvqNaI-5N14STD9d3eTF6g==
date: Mon, 18 Nov 2024 23:01:12 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H2 200 57555607crop1600x1000.jpg
dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/ 236 KB
237 KB 13ms
11ms Image
image/jpeg 108.158.29.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dylxu3usbmz3z.cloudfront.net/CtImage/634706233792307700241622310605/57555607crop1600x1000.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-68.syd3.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 676134f6476c975e99a8e1f8cf076489e43ae1472aa6f5cfc33bb53e458717ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

cache-control: public
x-aspnet-version: 4.0.30319
age: 2517789
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
expires: Fri, 14 Nov 2025 06:27:49 GMT
x-cache: Hit from cloudfront
content-length: 241659
x-amz-cf-id: c5fYUIXV4RM3RLeN7Ktz4pnnzWcKvlsVlJv5ElKB16AlNwfHjpI3oQ==
date: Thu, 14 Nov 2024 06:27:49 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: SYD3-P2

GET
H/1.1 200
OK favicon-32x32.png
propertyshowcase.com/content/property/designs/1/images/ 667 B
970 B 5ms
5ms Other
image/png 20.53.95.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://propertyshowcase.com/content/property/designs/1/images/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.53.95.194 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bc2e4e04095555ceef6107394ee2401d4a6d5997d813cac0cb839a3ad48aa80f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://40hicks.com/

Response headers

ETag: "0eaa5729f3dd81:0"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 667
Date: Fri, 13 Dec 2024 09:50:58 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Mar 2022 03:46:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mmmuq2ygw2.ap-southeast-2.awsapprunner.com/events/fa0c099cdc7c4f805f4d74ee7e6146561227863ca16fa4091f84662a20a20130	1970-01-21 03:50:59	Name: cee Value: %2BgCfq75fkl18D2yfSooMHOtq3MfQLjWrBDHoDyWsJm4%3D.%7B%7D
40hicks.com/	1969-12-31 23:59:59	Name: jobtrack Value: d9586c437656860db14ed6295f019335
propertyshowcase.com/	1969-12-31 23:59:59	Name: jobtrackCORS Value: 964f9529afb42d975c2e88b611ec86d5
files.campaigntrack.com/	1969-12-31 23:59:59	Name: ctrackCORS Value: 4b188efb67f1688f443283f98bfcd2f2
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: w9_MADLHx0U
.youtube.com/	1970-01-21 06:00:35	Name: VISITOR_INFO1_LIVE Value: DnTo9s5JnEU
.youtube.com/	1970-01-21 06:00:35	Name: VISITOR_PRIVACY_METADATA Value: CgJBVRIEGgAgKg%3D%3D
.40hicks.com/	1970-01-21 03:50:59	Name: _gcl_au Value: 1.1.1363326249.1734083456
.40hicks.com/	1970-01-21 11:17:23	Name: _ga_JY8YG1XGT5 Value: GS1.1.1734083456.1.0.1734083456.60.0.0
.40hicks.com/	1970-01-21 11:17:23	Name: _ga Value: GA1.2.221547258.1734083457
.40hicks.com/	1970-01-21 01:42:49	Name: _gid Value: GA1.2.961731360.1734083457
.40hicks.com/	1970-01-21 01:41:23	Name: _gat_UA-61758358-3 Value: 1
.doubleclick.net/	1970-01-21 01:41:24	Name: test_cookie Value: CheckForPermission
.40hicks.com/	1970-01-21 03:50:59	Name: _fbp Value: fb.1.1734083457499.55239544280611706

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40hicks.com
analytics.google.com
apis.google.com
connect.facebook.net
dylxu3usbmz3z.cloudfront.net
files.campaigntrack.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.campaigntrack.com
mmmuq2ygw2.ap-southeast-2.awsapprunner.com
propertyshowcase.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.youtube.com
108.158.29.68
142.250.193.100
142.250.193.110
142.250.195.110
142.250.195.162
142.250.195.195
142.250.195.200
142.250.195.35
142.250.196.170
142.250.196.67
142.250.67.78
157.240.8.23
157.240.8.35
20.193.7.105
20.53.95.194
216.58.200.130
52.147.15.202
52.156.169.167
52.65.188.110
74.125.68.156
02ab1f00dbfc53771e0e8167050beb2fbb9ca55b903449c45d526479b1aa573f
0f0ba04c61af50fc026908c7024d0b963f375b8b652a48a27e2833edda1bcb7a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2e3fddda895ee9813b9f8bc03bda37753a46fc949197e706a2b74a4d6cd7273e
338bd3b943dff542ec209e94c3974ea4ad446d80d76d5d3613fae3b3f6f5e803
3e0f0ded782de3dfda828e1f93240c85ae2a516ccbd5cc2ac86984a7982ae4c2
43ed485d768c1ec52139f7f3cbeaecbd50188395bac3f95d5a929abaf344e6fa
480f5e86198e1ac52312cc345faf38720bb2e301eb626e8a6f637f546e131c32
4ab218a27e3e7ed51050cac42b7dc5930ab93c6a05236330f41378cb835700d0
4bf0df15d50f364420aa23d1ed2058f3ff006d1df433db34a2513c544bebad6b
52b3900ef333a2a8928fa6e9ee3b3d367c6050205da6787d08435c0d794ab6d6
55e6fbd8ab3e09e25dc9b65f409cbea724ea398421488778a390a116ec6b32e8
59750f35f284d61f219fa49f651b6d350eccbaf01307686f4f3e452810caceb9
6423f1cd9ae1863b20e454e70e74965671e1f22a3e6738e689d96a943589b502
652e8677aec33767d2a5f229384f79b4f526104bf7e94d7d258070f94743c3cc
676134f6476c975e99a8e1f8cf076489e43ae1472aa6f5cfc33bb53e458717ea
7177fb193a8752104a9e391433d1bd23177841186fa184654f5bc0df98f18314
78a9a05fa9772c82fb10d053a5ed4ab56546b3e60e56844f0f47dbd12c927016
7bf3bfa26fc3234f68b3b5dce82859948ba151946bcf39e37f9a22f1a5e44b57
8499c4527661f65886e365fdbaba0cabbddaced9fc2c1af4c6b04c9bbe74422c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9c143b0d49c00d71de9414d8461e0c25b400fcff8fa9c7386ecc10d64a69b309
a138f1be5acf570e6800d047bfec53b24896335b3ce51e9a1d7c36ce0507b628
a55af9ffdcc1fab4e930d169228dcc0bf26f9cf1846e073a1fd40c63548dfec2
a9e3a0d21922a0a8445b1e4b2c5a4e277a0065f1fd349bd06f41bd41a407b388
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b188f00addb9857579c89f9eb41d2594295c8297ed767c04d3801458c9d7b023
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
b600afa44bd30d68a98d71a1f34528ee3e7f3ed62754c899cc0240d32f147322
bc2e4e04095555ceef6107394ee2401d4a6d5997d813cac0cb839a3ad48aa80f
be593ad8d3c6387a4c49d59a468db46cc42f36a5c6e4b7cc946948dd2b385c10
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c88ede6cde1c13c86348555588926e299edb1ad1e3f4430a32058cdc0e2cc6b3
d0cd1fdf3a3d9e233dd2ca09af2ae11295ba9d6f1cc185f67dfe127ee4b61d4b
d2f31d985701f200397b957b8740ccb5469f33c03cbc6946daf01838cebc547d
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

40hicks.com Open in urlscan Pro 52.147.15.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

20 IPs

2 Countries

2345 kBTransfer

4893 kBSize

14 Cookies

12 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

40hicks.com Open in urlscan Pro
52.147.15.202 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

2345 kB
Transfer

4893 kB
Size

14
Cookies

56 HTTP transactions
0 data transactions