www.downunderenterprises.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Submission Tags: falconsandbox
Submission: On July 12 via api (July 12th 2021, 6:14:00 pm UTC) from US

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 76 HTTP transactions. The main IP is 2606:2c40::c73c:671f, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.downunderenterprises.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time www.downunderenterprises.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:4700::68... 2606:4700::6811:f4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.25.53 13.32.25.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	199.185.0.231 199.185.0.231	21592 (MULTIVIEW) (MULTIVIEW)
1 2	34.254.108.170 34.254.108.170	16509 (AMAZON-02) (AMAZON-02)
1	52.222.150.145 52.222.150.145	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
76	24

18 2606:2c40::c73c:671f (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.downunderenterprises.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.53 (United States)

ASN16509 (AMAZON-02, US)

trust.profiles.eco	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.185.0.231 (United States)

ASN21592 (MULTIVIEW, US)

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.108.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-108-170.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.150.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-150-145.cdg52.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

9815887.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	downunderenterprises.com www.downunderenterprises.com	1 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	528 KB
8	hubspot.net cdn2.hubspot.net	250 KB
7	hubspot.com app.hubspot.com track.hubspot.com api.hubspot.com forms.hubspot.com	21 KB
7	google.com www.google.com adservice.google.com	65 KB
5	hsappstatic.net static.hsappstatic.net	221 KB
3	hs-banner.com js.hs-banner.com	15 KB
3	doubleclick.net 1 redirects 9815887.fls.doubleclick.net	677 B
2	hsforms.com forms.hsforms.com perf.hsforms.com	685 B
2	adsrvr.org 1 redirects insight.adsrvr.org	408 B
1	usemessages.com js.usemessages.com	20 KB
1	hsleadflows.net js.hsleadflows.net	80 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hscollectedforms.net js.hscollectedforms.net	24 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	630 B
1	rumiview.com www.rumiview.com	58 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	profiles.eco trust.profiles.eco	975 B
1	adobedtm.com assets.adobedtm.com	16 KB
76	19

	Domain	Requested by
18	www.downunderenterprises.com	www.downunderenterprises.com js.usemessages.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	cdn2.hubspot.net	www.downunderenterprises.com
6	www.google.com	www.downunderenterprises.com www.gstatic.com www.google.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	fonts.gstatic.com	www.google.com
4	track.hubspot.com
3	js.hs-banner.com	www.downunderenterprises.com js.hs-banner.com
3	9815887.fls.doubleclick.net	1 redirects www.googletagmanager.com www.downunderenterprises.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubspot.com	static.hsappstatic.net
1	app.hubspot.com	js.usemessages.com
1	adservice.google.com	9815887.fls.doubleclick.net
1	perf.hsforms.com	www.downunderenterprises.com
1	forms.hsforms.com	www.downunderenterprises.com
1	js.usemessages.com	www.downunderenterprises.com
1	js.hsleadflows.net	www.downunderenterprises.com
1	js.hs-analytics.net	www.downunderenterprises.com
1	js.hscollectedforms.net	www.downunderenterprises.com
1	d1eoo1tco6rr5e.cloudfront.net	assets.adobedtm.com
1	www.rumiview.com	www.downunderenterprises.com
1	www.googletagmanager.com	assets.adobedtm.com
1	trust.profiles.eco	www.downunderenterprises.com
1	assets.adobedtm.com	www.downunderenterprises.com
76	25

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com
profiles.eco
1074262.app.netsuite.com

Subject Issuer	Validity	Valid
www.downunderenterprises.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
trust.profiles.eco Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2021-02-09` - `2022-03-13`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Frame ID: 0937E76F4F712C6DFAE2C2C35BD2A122
Requests: 46 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe
Frame ID: 30755264E86AA9377631512FD4898629
Requests: 2 HTTP requests in this frame

Frame: https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications
Frame ID: 1D5A868F178E680747DF8B2B4C79B11E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZG93bnVuZGVyZW50ZXJwcmlzZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=p7nzo5pcrt45
Frame ID: B71AAEBB3C7788994A689F2A12A4BF6F
Requests: 7 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4860912/threads/utk/208231b773e349d19a0e721bf399b4cd?uuid=6dc2f120d4a446d5bdc91d4ef53c0327&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=downunderenterprises.com&inApp53=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&url=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
Frame ID: D924D67C9882FF17179AA6D3EDB28D18
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru
Frame ID: 6D82CE02E5E484BDDC953EA9B4F762CC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

76
Requests

100 %
HTTPS

79 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

2800 kB
Transfer

5715 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/down-under-enterprises

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8WJrattKBVQHLowGcdiYIg

Search URL Search Domain Scan URL

URL: https://profiles.eco/sandalwood?ref=tm
Title:

Search URL Search Domain Scan URL

URL: https://1074262.app.netsuite.com/app/login/secure/privatelogin.nl?c=1074262
Title: Customer Portal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://insight.adsrvr.org/tags/9ciagjv/vw3mcye/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe

Request Chain 25

https://9815887.fls.doubleclick.net/activityi;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications HTTP 302
https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tea_tree_oil_white_paper_acne_applications Show response
www.downunderenterprises.com/ 22 KB
7 KB 203ms
178ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

f8256587ef4143cd080a6ca897c60fa0e7056e8e385733ee071cc91596e6a8ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: www.downunderenterprises.com
:scheme: https
:path: /tea_tree_oil_white_paper_acne_applications
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"d205e86f5190a013046dc9efbbccd39b"
last-modified: Sat, 10 Jul 2021 12:52:30 GMT
link: </hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.103/js/index.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=0
cache-tag: CT-49849936196,P-4860912,L-20775464641,W-1573456316271,W-1573457527480,CW-20173739517,CW-20775606132,CW-20775966840,CW-36501932446,E-19369331583,E-20140977529,E-30689855443,PGS-ALL,SW-1,GC-27199535191,GC-37924744541
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-49849936196,P-4860912,L-20775464641,W-1573456316271,W-1573457527480,CW-20173739517,CW-20775606132,CW-20775966840,CW-36501932446,E-19369331583,E-20140977529,E-30689855443,PGS-ALL,SW-1,GC-27199535191,GC-37924744541
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-campaign-id: 657c693d-5f60-43e6-8fdc-31b2bd4123fd
x-hs-content-id: 49849936196
x-hs-hub-id: 4860912
x-hs-prerendered: Sat, 10 Jul 2021 12:52:30 GMT
x-powered-by: HubSpot
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BmHv4%2FFZRo9cXvdsG0SAOYb1y4s8fgXm7E1aYNwix2svsDMMNkVPzGzd7Ixnktr9wne4bkGJI%2B5ZpFM%2B2Rk6js1ftDn7fbXoS2QOKzA2b01eIOcIp9X3hRW0u3MArmLoe1kNUNMk7syPG6DjE5zSzjkgZO9j"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 66dc3f3258c4c2c2-FRA
content-encoding: br
cf-h2-pushed: </hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>,</hs/hsstatic/HubspotToolsMenu/static-1.103/js/index.js>,</_hcms/forms/v2.js>

GET
H2 200 project.js Show response
www.downunderenterprises.com/hs/hsstatic/cos-i18n/static-1.37/bundles/ 1 KB
1 KB 71ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/hs/hsstatic/cos-i18n/static-1.37/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2084859
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f335aefc2c2-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C2
content-encoding: br
last-modified: Mon, 14 Jun 2021 16:41:38 GMT
server: cloudflare
etag: W/"6c562b3f1d6a0148fda97d4847422c6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u2Q%2Bx03tdg7KXT91gNZVjVg1XrMNnrPndY1kjCe7DLQsu4bnAz1ep%2BdkUMYqMZzC6gqimZT%2BmFSBLj8jWdKJ%2B254i8UkZarrEZF2C%2BdN8QiR0FR1GDi7Bkt5KZXpbWjDrsuR3di5cpGFtSQQghAYFfXdo6t%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: M9oUePGbwt7hrJpARSIQzQLaIi7kmGEy
cache-control: public, max-age=31536000
set-cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
content-type: application/javascript
x-amz-cf-id: DUXbRLuhPxzxlhKqx2KMF2WMfvTtTR6IQDORvdAyUi-gNVGhIKhf-Q==
expires: Tue, 12 Jul 2022 18:13:41 GMT

GET
H2 200 index.js Show response
www.downunderenterprises.com/hs/hsstatic/HubspotToolsMenu/static-1.103/js/ 51 KB
19 KB 138ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/hs/hsstatic/HubspotToolsMenu/static-1.103/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a38b04932e2ad77d85997f5cef0de384ecc1bb0b854cf619cb32501158692e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 9c7e5857d78c5dc89042979317de5843.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5118917
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f335af2c2c2-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DEN50-C2
content-encoding: br
last-modified: Fri, 14 May 2021 12:13:32 GMT
server: cloudflare
etag: W/"006946e614d6ef469f5c9e46b4836d15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oxbFYPVhqRoqc2LTB2g6yVG0GlHEi6ABU%2F76eGRbJgejaqJznSw4Utuh6ha9Wn7XAYK6yrOreMrHev0plCxipbRj9EjVcL13G556lrmV7gMBBgyk4AUJiIV8B8uC2L5wTNZO%2FM9r2F3kcvfuanu%2BlZBOaQi5"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NS5brkaR0OO1ViABjiLPNZKumB_gwu3c
cache-control: public, max-age=31536000
set-cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
content-type: application/javascript
x-amz-cf-id: I1j6RqtXQalDbXMhdqYXqor4a2LFOh4E-WrqLmy0b_M1v_wzGxNReA==
expires: Tue, 12 Jul 2022 18:13:41 GMT

GET
H2 200 v2.js Show response
www.downunderenterprises.com/_hcms/forms/ 574 KB
135 KB 68ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3deb2a6295e260738f6a0b484f7a437292f2e1d731890a13c147f3a9c4a68e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f335af5c2c2-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-cf-pop: IAD89-C3
content-encoding: br
last-modified: Mon, 12 Jul 2021 12:39:40 UTC
server: cloudflare
etag: W/"5bfdb078d61c96c627e08c9ecc5bb68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BqFST1BKsvhgOVVncFLy0eqZ7uMnYCI1mR7OslBnpxEHLkQq7P6bMH0WbtoAzNR04AyNH%2FHhfF4EmILrMLWLSCK8bQTkI4SA%2F31wXtipz8dxPd%2BVLqLlU%2BgDxXDtDnXi0%2BxeZZS9P8mtnQ5WXsLE9ys4qFBr"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: GCZopFHTvlm.gNQoupg8JGhS5BcWwpbs
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
set-cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
content-type: application/javascript; charset=utf-8
x-amz-cf-id: a_xlWcivaf-A_xDHAJsSH6459ffe36bj2U-oWgZdDiSJ46kD8JgsyA==
x-hs-target-asset: FormsNext/static-5.340/bundles/project_with_deps.js

GET
H2 200 jquery-1.7.1.js Show response
www.downunderenterprises.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
33 KB 74ms
72ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:path: /hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 89a45b9ac94fb6c6e52c37fdd89a6cb1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9666755
cf-ray: 66dc3f338b33c2c2-FRA
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t8%2FK41HJUaWtwiSTwwjDX0%2Bu50Lx9TDZ50hCv1COs06ZijRjWLWkbBfJh22Fe%2FZpI7RlWaeSpJr7UqdHwtbFvR7k1S159qHEHidqT5qiLjjZPv8CfGXWD7j0HaoWbDeQVZ5LjL0GOAsuO7AYi58GUvc07Chb"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: uvar5S_Za3dK85YyzXeF9Juu2xF5FRZKLPmzTFmNHquwiPqBpBjL9A==
expires: Tue, 12 Jul 2022 18:13:41 GMT

GET
H2 200 module_20775606132_Image_Banner_-_2_Module.min.css
www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/module_assets/20775606132/1606981038597/ 2 KB
1 KB 181ms
179ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/module_assets/20775606132/1606981038597/module_20775606132_Image_Banner_-_2_Module.min.css
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86e3e5596108c9411494ed3c1dddfd812750126864620f4e88b65f368d4f89a

Request headers

:path: /hs-fs/hub/4860912/hub_generated/module_assets/20775606132/1606981038597/module_20775606132_Image_Banner_-_2_Module.min.css
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1606981038597
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 fba666ceffdeb316c8edf476d8994bd5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: EHR4B18FFMMR258B
x-amz-id-2: X3ngMPHdDAQi2vWZuwvt/oV7wC010AHm8eCSMByYzY/R5C9Vi0Qlzu5Nldw1dT8frUJ8I9gY++A=
last-modified: Thu, 03 Dec 2020 07:37:19 GMT
server: cloudflare
etag: W/"0fde05b545153ebfe4cbce335e23592b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6vkQ5WE9Hcg6vfrl96%2BIz3mDHTck%2FUL%2BvWvmVZGiMSXm3Nyk6wGR2xXFqAFq0IYtPXY07WYUsI98PIOZBdbGtaC%2BCXaEOacYFz5M3hhubRTg%2BgD%2BR9JIlf0i0qZNmTrlgB8PbbJgf0rW9EX5VJj9S3v7udTF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: esDbE8S2v4lX11NNuQJUZSAYAyVSZ.ZY
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f338b36c2c2-FRA
x-amz-cf-id: YIoB7AU0eszyt8j5eO_iuFInVoWWRMfEF1U3y19vFXq5aM66vVHl2w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_20775966840_Two_Column_Form_Module.min.css
www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/module_assets/20775966840/1606267277675/ 3 KB
1 KB 65ms
64ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/module_assets/20775966840/1606267277675/module_20775966840_Two_Column_Form_Module.min.css
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853a34dafb071041464fbe495a845ffeeeab79afee39d7dc07ab1e0a379a9c61

Request headers

:path: /hs-fs/hub/4860912/hub_generated/module_assets/20775966840/1606267277675/module_20775966840_Two_Column_Form_Module.min.css
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1606267277675
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 936f33bed45438343f0ef2adff442815.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: EHR61TS1GTCXEQGB
x-amz-id-2: lhPIY8OjHf6Kr1jNIAuP6qA8FJgt1rVSVR8CLAKfaEf9urduv5rHiKiD8AeQ1tNErAPwzMVmcBI=
last-modified: Wed, 25 Nov 2020 01:21:18 GMT
server: cloudflare
etag: W/"84b73d66e256fa997cf258a7fafba498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Svspp3crjqof6kJy6Da6E47JX89VkeYM1OxrRLt%2F5pv9z%2BWOxZo7gHQKyiWDgfyXznA3CEnOvYUnYFS%2FjEPCZ0YL1L9qkuh4Oai01lH1nSqkvbArX5AQZJ%2F5XHXN3dbGeyXZSYfcQjKEFUTitJgvPnyogipB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: IjT2rAPla8K2eRFypHfdzy8aNjInMXYq
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f338b39c2c2-FRA
x-amz-cf-id: HJwQ5uNYNWSw1ucDBnQz07J_leFUvp7HNFaZ7KWoGjarVpPXsRveag==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 launch-66d8ddb43b7e.min.js Show response
assets.adobedtm.com/175f7caa2b90/3bc5f38baaf1/ 50 KB
16 KB 19ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/175f7caa2b90/3bc5f38baaf1/launch-66d8ddb43b7e.min.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1cbaa551c65d4141b67eeb665be0c32de12428ff0e2d01cc662493acb10bea34

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 20:55:28 GMT
server: AkamaiNetStorage
etag: "9940a6ae723fd82f080bae849516a97b:1611089728.290822"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.downunderenterprises.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 16423
expires: Mon, 12 Jul 2021 19:13:41 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1625518205134/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 46ms
30ms Stylesheet
text/css 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1625518205134/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1625518205437
date: Mon, 12 Jul 2021 18:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 595350
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tWg4NTmhEpI7aEnbxNy8%2FCK0y2%2FZki02lP0WlcsiOy5eYfAT6BPT2%2BIz8jHB%2BcT8sNTavM%2FluyWJBbeXE61HiuNivfjc%2BTwSvTuxDG1zIKIAUfwXZuOHlGN56ITZ7OR%2BcW7YV4XZ6C%2BA"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Mon, 05 Jul 2021 20:50:06 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f339b6605e4-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 main.min.css
www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/ 180 KB
34 KB 48ms
47ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc1aef90a382654d13406af9eef8d597a2273ceaf8ac685ac65033fb752669b3

Request headers

:path: /hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1604642127797
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 14d757a67b913f1bc93427e69819362d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: D2HFWPSZGJXTJCZ7
x-amz-id-2: bSh4Rb1EyTphyXTuuNFadqSNYX+TQmgwf2uuIW4YY1sqUtmcZzorLH+KzK3E2lpRdFFeRM0Iodo=
last-modified: Fri, 06 Nov 2020 05:55:28 GMT
server: cloudflare
etag: W/"ae70e458616fa095108da98e87c95c84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IfKXYkcSgRiQUItkgx0hEeoh5NApxPnzkVt1cm8knQaPAbsngfuN%2BpgwpvAUOeEgFza7iHydJlY6oaXrFlf%2BLNXIHCs8z8mvXLtgzPk1jSOIAZ9XzHzLks4sVyQuWrbp%2B0kVsdCxBAH6D%2BKiB7WPoGtw8MUg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: G14JqhTQnywjCZZLQEjc6l6ovN8FlJfV
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f338b3bc2c2-FRA
x-amz-cf-id: 2KC_kTqSZvKcAmFXv0y89M9tvwC0XGaHZvUxva0KBQxwO5Gvtp4aZg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Group%204177.png
www.downunderenterprises.com/hubfs/ 3 KB
4 KB 68ms
67ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downunderenterprises.com/hubfs/Group%204177.png
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e966dba9ce9660e8db166e39c0c79ec50d1f44373a9006ac2270f1a597b6d5

Request headers

:path: /hubfs/Group%204177.png
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20306001025,P-4860912,FLS-ALL
age: 43531
cf-polished: origFmt=png, origSize=7687
edge-cache-tag: F-20306001025,P-4860912,FLS-ALL
content-disposition: inline; filename="Group%204177.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: VMV1N2E3TC4BABWM
x-amz-id-2: my7ka/6U4RBlN5rz1ElcAg/Mq+R44dAgvXSXu0FguPDar5CcKuVlDj2+RCfRqRFN3Xqhj9B6gio=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Wed, 06 Nov 2019 09:44:25 GMT
server: cloudflare
etag: "e7b7bcd566f8b2f34674d91446d2976b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E%2F7FiqpS%2Bv6OsqMdVN5xYvIx2h7WP5oTZ7LCby5Ya9NFn7mPMxsV6wqhSoTsOIc8dQiABx2QB9vVIgSQvFbZvhYxYj%2FwYXJFAkSzJjtOCcqzK5Gfu5E40zRZs7YOWOBueKocNyNgdR2gzQp4UTcKRdwU8PBA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 4.lkAycPzslYNJWeacHzg2IZzZMv1Svv
x-amz-cf-pop: FRA56-C1
content-length: 2718
cf-ray: 66dc3f34bd6cc2c2-FRA
x-amz-cf-id: I_F83ZRDsAyIqjoblGuuCh4LkV0_AVkHFDlNJuM_PvofCPvOnr7D8A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 eco-mark.svg
trust.profiles.eco/sandalwood/ 613 B
975 B 423ms
349ms Image
image/svg+xml 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trust.profiles.eco/sandalwood/eco-mark.svg?color=%23FFFFFF
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: eeb64dd5758f718909b362f2da45d81933e374000ea43f439fbb4408ddf4fbcf

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 6567df09-9e76-4b7a-b4e0-81dbc7839526
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept: image/svg+xml
x-amzn-trace-id: Root=1-60ec8655-6c39df941613d9c74a683723;Sampled=0
x-amz-apigw-id: CXntZHJ-iYcFoyA=
content-length: 613
x-amz-cf-id: uoSMLyj1tdVZVS3NUUNt-h4efT6qvmupndZJny6gye7NU2wlHw9Zpg==

GET
H2 200 main.min.js Show response
www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/20140977529/1604058179745/Templates_2019/Coded_Files/js/ 8 KB
2 KB 34ms
34ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/20140977529/1604058179745/Templates_2019/Coded_Files/js/main.min.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b14e8cbc68c5ca532d84f66d7ef45f7d5c89a2602da2e6f19cfd56f867e621

Request headers

:path: /hs-fs/hub/4860912/hub_generated/template_assets/20140977529/1604058179745/Templates_2019/Coded_Files/js/main.min.js
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1604058179745
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: G3C71A7B1YTSTC8T
x-amz-id-2: DMWo0tSZw5TmlpI18cSRAIFghkep9/pyRHmibdh61EtZImedDwcJdkURuuTItgiYSU97q0Isdss=
last-modified: Fri, 30 Oct 2020 11:43:00 GMT
server: cloudflare
etag: W/"7af77aa533465a164e46567faff5fbad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JJEG1E6RSP6276udDVZd72E5GA4ljLpE0vVbKWj9h0dOA7mI%2FcvGZyHxD86u9iXuIfVV8Ae3Fn89wXohk8cd4wiDVkx2Zidym%2FjyEhM3K3y8X2BBPQ%2F7Yx4Rg2%2FaS%2Brv%2BB20mPvqfB%2FFyR%2BM5WwY8bcdP%2FN3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 2a76QyjKZujfWsU_RjvuAdXRaM1dBqqp
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f346cbec2c2-FRA
x-amz-cf-id: 4G_qCvU7HmbD1Yy1b4iBxgKl8X-sH3xgtKtK8KJGc6jqFT7p6oWPfA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 matchHeight.min.js Show response
www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/30689855443/1592188409503/Templates_2019/Coded_Files/js/plugins/ 3 KB
2 KB 41ms
41ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/30689855443/1592188409503/Templates_2019/Coded_Files/js/plugins/matchHeight.min.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e948723ae61dedda395f9ffb83e45fee21fd7c3cb636ed4c36565f3e7a7da0de

Request headers

:path: /hs-fs/hub/4860912/hub_generated/template_assets/30689855443/1592188409503/Templates_2019/Coded_Files/js/plugins/matchHeight.min.js
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 9MFQ03X8QKW90G7K
x-amz-id-2: FlFqlyBQbbjc0zHtYJDuOWT/jEY3LYA8bYV5zCKWsubUv/GAcYs+5OTSTswXV6FF6keFCjLJEis=
last-modified: Mon, 15 Jun 2020 02:33:30 GMT
server: cloudflare
etag: W/"ae88a40172b15cf64611dad682791b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i00iAUcGRTWcIVcDWxS1BXkNiEcB6qAcI8T%2BnjR02epKwEhZB%2BU%2FcSaQX%2BjUqsR7cmOYwbXQ3KX1dT7ia8vGF5Amo2K%2Fdgr9EpT6F8Z0PydfBBPu5%2BvGSaTanEBlG0NASZvdXR37TOGQKyT1nBXe%2BT4emAW%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 9z0ZFWzzAwM51MDn6Eyiow1XvGWdSrvV
x-amz-cf-pop: IAD89-C1
cf-ray: 66dc3f34ad4cc2c2-FRA
x-amz-cf-id: b6DzTlVQmcSy06YxwN1o_pVA1e7P21h3C1ub_D5w6OHmjvpIZP-fPg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 4860912.js Show response
www.downunderenterprises.com/hs/scriptloader/ 2 KB
1 KB 198ms
198ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434c52c31025206a9297c5c61051906609efa115704ad672e43093bb1855b202

Request headers

:path: /hs/scriptloader/4860912.js
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e34824a1-85d0-47c2-94dd-5933055b59c3
server: cloudflare
x-trace: 2BD4EB882EED682DC5931389C38ADF0CC629DDC511000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZhPadEw0J9AEBGIaHWrc6NsIcXogOtVGiz68UJc%2BB0TFRP%2FUrjSBbYV9RmuuhuofFxbKVqe83%2FGNJealkUzJ%2BnOcUeLnk9mlChE%2F4WKJrrb%2FmJoLu2oBaKGO8zsFHT9HGgYMJmGsHH3rHay8m%2FQSs2CcWG1E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 66dc3f34bd6fc2c2-FRA
expires: Mon, 12 Jul 2021 18:14:41 GMT

GET
H2 200 shutterstock_790643644.jpeg
www.downunderenterprises.com/hubfs/ 955 KB
957 KB 71ms
71ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downunderenterprises.com/hubfs/shutterstock_790643644.jpeg
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 137550ad4d9cfa543b99c1f7c7309ea62089b299efdcb245a8981c9342eedab1

Request headers

:path: /hubfs/shutterstock_790643644.jpeg
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-49857379435,P-4860912,FLS-ALL
age: 64
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49857379435,P-4860912,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="shutterstock_790643644.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: Z5AK9GXSCBQHPQN1
cf-bgj: imgq:85,h2pri
etag: "91f645d59df8b82c7db2cc633ada6945"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1625038515475
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=2876791
x-cache: Miss from cloudfront
x-amz-meta-index-tag: all
content-length: 977660
x-amz-id-2: v8AR3XHTTQcChJIgXOBRXajfc/OUjODF6cKhSHtpXRGL7qHcn2ny51hjQNuWP36ES4mUzhdrDmA=
last-modified: Wed, 30 Jun 2021 07:35:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3OpiDFK6eis4%2BdFQhqgf7wwmeN4%2FixWAdya29ErdK1%2BrE5l8owxX1Cxoiw75z0HQU7ciHpLxIFO0OEIPOxD0bSMhz%2B6XcZb1p6gqWwBOSu0JkUoFVE1LYlXTY2bEGer77u308BjnPgv6HccsnjEEru3VZYt6"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: mTqcqqgaNLdGInZ7KOjmJ5DcNO0o7dOf
accept-ranges: bytes
cf-ray: 66dc3f34bd7bc2c2-FRA
x-amz-cf-id: T8amc4tTux8v0wFgqyFtNBJ2dJ2vvQYTzvqhgTtlKyQ-zXe5QDQMvg==

GET
H2 200 icon-loc.png
cdn2.hubspot.net/hubfs/4860912/Web%20Images/ 104 B
753 B 71ms
71ms Image
image/webp 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Web%20Images/icon-loc.png
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9d822e852c6aabf9e5dc23fd40590fc8867b5bc0fe3adebd5652417aedb018

Request headers

Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20174239060,FD-20173348741,P-4860912,FLS-ALL
age: 43537
cf-polished: origFmt=png, origSize=250
edge-cache-tag: F-20174239060,FD-20173348741,P-4860912,FLS-ALL
content-disposition: inline; filename="icon-loc.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: B07WYC0M3QGWDFD5
x-amz-id-2: LV1dn5+3hQJ4yXnJoIAUuGXFknDfucc0WB8J1CQRo2QOW6dLxtiSdY8QG7Q8QJZ7gAhrh0j4YOI=
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Tue, 05 Nov 2019 06:06:22 GMT
server: cloudflare
etag: "884b7bbbaf55c6f07722bd8cf1814aa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4sOZCrpFKOb0zWN6xowV%2Bsn6zpYApgS1MivLHzl0zWETyKA%2Fw5%2BQJdRJ9rF8s%2FP2iwJBS81%2BmMDZ3bVIUVk1HRa%2BvwqzJpdbVZtmS5T%2B2F78IdoWmzSbGInKhgfTXVudZvamidEEEk6y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: JqHL4esasFbyy_IgfXe0i70FvGXmEobB
x-amz-cf-pop: FRA56-C1
content-length: 104
cf-ray: 66dc3f34bea305e4-FRA
x-amz-cf-id: BKJdc1pSyaMH2gH5EqxQr6ioW5Cxx_aJ2E_oKZGKeZaCf9_70zRsog==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 icon-tel.png
cdn2.hubspot.net/hubfs/4860912/Web%20Images/ 100 B
928 B 53ms
52ms Image
image/webp 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Web%20Images/icon-tel.png
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86df3040b6dbd928fe899766f6ddbf4c6407785f21e6c2a6b6302d51becf9cf8

Request headers

Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20174239061,FD-20173348741,P-4860912,FLS-ALL
age: 43537
cf-polished: origFmt=png, origSize=235
edge-cache-tag: F-20174239061,FD-20173348741,P-4860912,FLS-ALL
content-disposition: inline; filename="icon-tel.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: B07PHSGKEPY84D8E
x-amz-id-2: /mrs0dGjGk01n6g6gd+VKi0xwVktkL4oUtTPZ8xQJR3VKXYtaSwvLcz05QxcV7G3xuA+M/QRgP8=
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Tue, 05 Nov 2019 06:06:22 GMT
server: cloudflare
etag: "c7f043283d2708528a26e27664a4b89d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nRZ%2Be1iviXsqgpb7ZZalFmKXlzr9zInY3nVYI8dFSSaQ5VY1qlhnl9aUf%2Bq4F1chSEqMxSVICGn5oil%2Fcbc6vtFbd163wdTtzEWh15E1pNLu%2BCsNgMuASl7EvrgQHBUSqP1fDyLacs4S"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: eVnOwJAKe0hum8EcoDAX_fZa5UZVN331
x-amz-cf-pop: FRA56-C1
content-length: 100
cf-ray: 66dc3f34bea705e4-FRA
x-amz-cf-id: fUetyiD8O4GxvHdo6E4d2f2TXxen3hvLeJJbp3Ou-UWbYTsZkZj_cw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Bagatela-Light.woff
cdn2.hubspot.net/hubfs/4860912/Fonts/Bagatela/ 44 KB
45 KB 156ms
139ms Font
application/font-woff 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Fonts/Bagatela/Bagatela-Light.woff
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91b14af6845a1467ae2abd1ec69d9c83184e76d3ac37d28c18f33bb91800611

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20170248178,FD-20170079319,P-4860912,FLS-ALL
age: 1495247
edge-cache-tag: F-20170248178,FD-20170079319,P-4860912,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 58ENCWWBEY5VS2PD
x-amz-id-2: C+/o2o3Q3jHu1TSsCmpfILa8ffUBe3r0mcFO8+8/umbw4g73KZJyOqRte0JsUCwLiqiAc3FWh6w=
last-modified: Tue, 05 Nov 2019 04:34:05 GMT
server: cloudflare
etag: W/"152935b112fa923f02d3fd20ec0c4eb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9qa%2BC5KJYzE3iB9k8FHmYXradZPt%2FkRpkfojNwK4W7SX1Y9RR9G7%2Fen8kU%2BvPQlTOzyNbKbgkQrPIc8lAcX9L9ONhGtQI4AXfWP%2FHOZ7AJxvtXvLy3TM9a8mC%2FlLXM5pgxgZ6Fs9stAs"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 6DscwSkJXm0QutGu3aDsYfiE5iFk47mb
x-amz-cf-pop: FRA56-C1
cf-ray: 66dc3f34dfc205bf-FRA
x-amz-cf-id: vRW5DSSXX4UKg5nAtzepsnWN5fZZfKjSucwU-fiAOrJPtdvSnsMjWg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Avenir-Book.woff
cdn2.hubspot.net/hubfs/4860912/Fonts/Avenir/ 62 KB
63 KB 162ms
145ms Font
application/font-woff 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Fonts/Avenir/Avenir-Book.woff
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574b10c3beed7a68e15936eb5d289d7c68e46786e7ad4ceb85d4a9f54975b866

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20171921001,FD-20170248075,P-4860912,FLS-ALL
age: 378940
edge-cache-tag: F-20171921001,FD-20170248075,P-4860912,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: W5AB3TE0WF58YNG1
x-amz-id-2: wiNxzNTWrkzAtfKaWHmFcPtw7NxNFPDF6Ky5sr0yc4NJsfseMo3tsFnpL52zSJuv2kw1nNzeA2c=
last-modified: Tue, 05 Nov 2019 04:43:32 GMT
server: cloudflare
etag: W/"cc84557be4c64a9d28d8a516641f691a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7VAIa7CTYHtKLi%2BvuF54%2BikG%2B446Cy1yeZni3yelo0wVJc%2FW7hQiyRK9wx%2F4h4WM9D7vghjIPvV4cV%2FfiuYYiIsJRL4Xj5zM43mSazhvVAzB4U4dSgqZqYz%2FdqBi8InEQ%2FwGoD9PyJqw"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: hTiK4RuA9QQA6zeEIpbI9Z_oQRARPBUF
x-amz-cf-pop: FRA2-C1
cf-ray: 66dc3f34dfc805bf-FRA
x-amz-cf-id: BtkrEYQKapEv9yDpyeEORggRjjNpEYsO_2Hv3puyIwCvbcvYOvYKRw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Avenir-Medium.woff
cdn2.hubspot.net/hubfs/4860912/Fonts/Avenir/ 61 KB
61 KB 165ms
148ms Font
application/font-woff 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Fonts/Avenir/Avenir-Medium.woff
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e9c382974b381ed15b7a6cb9be912242269a32a6b9ddfcf490dc749e3e4594

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-20170451290,FD-20170248075,P-4860912,FLS-ALL
age: 378939
edge-cache-tag: F-20170451290,FD-20170248075,P-4860912,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: TG51E5J3M8317KRE
x-amz-id-2: sO+WBl4AenS8hHOfe/brLc719cpediZZsA9kYgFcuq5mxMVd6w2PvxlkM9QKIAXxTJyzIfHHM10=
last-modified: Tue, 05 Nov 2019 04:43:32 GMT
server: cloudflare
etag: W/"55d0ee7ce1c0d8e1dc54ee473da4f7af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ntw4BgAyqmMhrjr8Q164eOmjD86kxPNboZmrRH%2FfQswoUO%2FaH%2FnzLPqA41H4nkN1M58mOTDf7NtTV0A8KZwiBU%2B1GLxObeTUvf%2BFFuoBFMqh5IjdgU%2F3fj6MYI2EVvI390WpvudryG4i"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: WLDC_WokaichnNgEIwPmjQwbjZGxf73v
x-amz-cf-pop: FRA2-C1
cf-ray: 66dc3f34dfc905bf-FRA
x-amz-cf-id: yjR3wwSXLAV2FoECrIf-lzrDCs8HjXf00Z2360EaFyPGe2esjKUEDg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 fontawesome-webfont.woff2
cdn2.hubspot.net/hubfs/4860912/Fonts/font-awesome/ 75 KB
76 KB 167ms
150ms Font
application/font-woff2 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:41 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-26331755475,FD-26349198880,P-4860912,FLS-ALL
age: 378939
x-amz-server-side-encryption: AES256
edge-cache-tag: F-26331755475,FD-26349198880,P-4860912,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: TG538EFK6K78D160
x-amz-id-2: o7JykEH2xRDmuCEA8d/lMh2zk4VhThC2WaP+RC6eM8FraxJYtIPeeRS+h+vDPJLaFINTOARYYAU=
accept-ranges: bytes
last-modified: Wed, 26 Feb 2020 00:30:40 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IM6kiKmrPYm%2FniY3YBaYpe2NEcBagjZYNHZ%2BvxKSafwqbw4oyhXTbFtzc8q1mJdrfrYuIqnUbogp3cUR6KOxVufVnLkkE3ziPSBi%2FDWdU1U4yvCKga3P7LS1ukSP9Yz7yzAG4CHWLifE"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 11oUsUlLxBv5hFayKHUWJfDTB2jkSX6S
x-amz-cf-pop: FRA2-C1
content-length: 77160
cf-ray: 66dc3f34dfc505bf-FRA
x-amz-cf-id: cWj4a4mpbx3WSYxKPyLbauZh_JZFl8PjrewVGT8SVsTjhO23kySMXA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 0a9e71d8-8f95-4b5a-ae8b-537a030df1d3 Show response
www.downunderenterprises.com/_hcms/forms//embed/v3/form/4860912/ 60 KB
9 KB 222ms
221ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/_hcms/forms//embed/v3/form/4860912/0a9e71d8-8f95-4b5a-ae8b-537a030df1d3?callback=hs_reqwest_0&hutk=

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ff15ba580c0491eb20848de7c7ba5c25b04075335aabef4455d2ddd5c8df19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_hcms/forms//embed/v3/form/4860912/0a9e71d8-8f95-4b5a-ae8b-537a030df1d3?callback=hs_reqwest_0&hutk=
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: df67cc88-bc42-4cb2-ac61-88c007001cc6
content-disposition: attachment; filename=no-rfd.txt
vary: Accept-Encoding
server: cloudflare
x-trace: 2B9121D51D6089453ACAFE136D3234F61093FF224D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h2OpvdM9QUjf2kyacV7tHassYmnbH2yk6ZTcEodQXVYIrygS9EB%2F17m08KDM4suGyL%2FuNRZ8YowBuOI3z8juFABkGGwZBcvCuhGo%2BzPewxWxWnmq7Jr3LMuVqldoL17RKlsp0h6Ggeu2%2BWuAfc32rdhIC3K9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 66dc3f352e7dc2c2-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9815887

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/3bc5f38baaf1/launch-66d8ddb43b7e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c2a277c6070ab079fe4ff7c4d881d86612ce83b5ddedfbd8459e950fb7e54b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34786
x-xss-protection: 0
expires: Mon, 12 Jul 2021 18:13:41 GMT

GET
H/1.1 200
OK c934c7aa-b19c-4dbc-93a5-f52aac57b15f.js Show response
www.rumiview.com/containers/ 208 KB
58 KB 627ms
173ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/c934c7aa-b19c-4dbc-93a5-f52aac57b15f.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: /
Resource Hash: a3ab62d070a6152ab6c46fe0c08179849263c9c34d385c1bfe9faa0a56e7f6fa

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Cookie
cache-control: public, must-revalidate, max-age=360
x-robots-tag: none
transfer-encoding: chunked
content-type: application/javascript; charset=utf-8

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/ Frame 3075
Redirect Chain

https://insight.adsrvr.org/tags/9ciagjv/vw3mcye/iframe
https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe

138 B
630 B

132ms
49ms

Document
text/html

52.222.150.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/3bc5f38baaf1/launch-66d8ddb43b7e.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.150.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-150-145.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab46a8e067169b8d08a06e6464db1062d802fbdce2ab241fe184acd3b0c85481

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Date: Mon, 12 Jul 2021 07:36:39 GMT
Last-Modified: Tue, 28 Jan 2020 13:01:30 GMT
ETag: "c8d7503d804c81a79885b51f8f6d361f"
Cache-Control: max-age=86400
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a769201928d4a671d76c2aeb231718ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P1
X-Amz-Cf-Id: sraz8dF83sNlB7iexqt7PiLB-bxF2Kbs6aeS7Uqq0wz59g9h1u45yw==
Age: 38224

Redirect headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3-29

200

activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_t... Show response
9815887.fls.doubleclick.net/ Frame 1D5A
Redirect Chain

https://9815887.fls.doubleclick.net/activityi;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea...
https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2F...

451 B
387 B

76ms
41ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9815887

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

3220688f54742c63eed643a017ae2dcbfd0876c6b10cd9c05a92b885468b9026

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9815887.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jul 2021 18:13:42 GMT
expires: Mon, 12 Jul 2021 18:13:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 362
x-xss-protection: 0
set-cookie: IDE=AHWqTUkKqwFtxn9KnBJz0-jxjz8n-x8ap6vd9UDl9jAKLh_n4GJDNuIPBsTgTR3zZFk; expires=Sat, 06-Aug-2022 18:13:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jul 2021 18:13:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_whit...
9815887.fls.doubleclick.net/ 0
0 110ms
35ms Image
text/html 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9815887.fls.doubleclick.net/activityi;register_conversion=1;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications?
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
24 KB 40ms
20ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8f98ad518df97fb35059f4a8105dc6f572b17e3f4ae934cb9193cd2843d5ae

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
via: 1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 43537
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.242/bundles/project.js&cfRay=66d818544e1505d8-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 66dc3f3b6bcd2b95-FRA
last-modified: Fri, 25 Jun 2021 08:15:33 UTC
server: cloudflare
etag: W/"967b75dccc0e4df7c9b30c52323c326e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 13QfqPUxBOKtottH5P65GPqLYrlORKQ4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: nYtHyWjKwnfkj8hzQjv1_GLpSJtgRB2JObEeLhSw6I5xzeQAxOjlHg==
x-hs-target-asset: collected-forms-embed-js/static-1.242/bundles/project.js

GET
H2 200 4860912.js Show response
js.hs-analytics.net/analytics/1626113400000/ 62 KB
19 KB 54ms
34ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1626113400000/4860912.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d666f356fbd1c5b2ed351c241f82adfab01cfea76230ae1b2ee96699e92f29

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 66
x-amz-server-side-encryption: AES256
x-amz-request-id: Z5AW4KV8VHBD8J4V
x-amz-id-2: bEXhK0GEklyu9vlGGkmd9QBtf12p3q9TNrf4eZ6/aRyQ4zMW8PxinXOs5hfBL9SVtk7du5uduXo=
last-modified: Sat, 22 May 2021 04:32:50 GMT
server: cloudflare
etag: W/"e5cad648e2ee347984068c9a5f0794f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 66dc3f3b6e9edfeb-FRA
expires: Mon, 12 Jul 2021 18:17:36 GMT

GET
H2 200 4860912.js Show response
js.hs-banner.com/ 60 KB
15 KB 39ms
19ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4860912.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d142e758e020032270136ba5688c240d9a45b3d206bc423e6b17724dcd38128

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 65
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: FY5HGWN5159NHAAV
x-amz-id-2: zRQbi+UpI5XZkrk+jnKB3BHzjKwR4vk89S82Xl/VZtq4XQVXnlb7PayZcuyzD15bmI6czhHzw/4=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 17:08:07 GMT
server: cloudflare
etag: W/"b9c05eeafc34aeb75c0e633d3eea1fcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: G4m96CKn2mm2_gp4L6GBpiatP_SgQ18I
access-control-allow-origin: https://www.downunderenterprises.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 66dc3f3b6de94a74-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 12 Jul 2021 18:17:37 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 475 KB
80 KB 58ms
38ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
via: 1.1 08f45c153a856ff7955174d0e6f60745.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 43537
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js&cfRay=66d818544cc54a55-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 66dc3f3b6b05c2a9-FRA
last-modified: Mon, 28 Jun 2021 03:28:39 UTC
server: cloudflare
etag: W/"16c85022f7119b37a5c687536a0fc6c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 2ZrFT_N1HUqNtLS_U.sDzHSxM6LIMAgx
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yVPTj0WkhJt_z_abjsRu4GHqusCPt_p8qKumuikOl5hEeo6EelaHKw==
x-hs-target-asset: lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 68ms
40ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs/scriptloader/4860912.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273d44f76a2259ceacdb278335c84c20071762ce72e3a0f504036f8870f112d1

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 62
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9034/bundles/project.js&cfRay=66dc3db6ac6e2bce-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 12 Jul 2021 01:31:50 UTC
server: cloudflare
etag: W/"50239f30616919cbeaf198a2491428b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: nFtD6n.snIg3sVO5j8krq2r5hrGd4vLO
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66dc3f3b7d532bca-FRA
x-amz-cf-id: xHbTkuCISN_TrSnkDfnEoOU1vGcrCdGrtgVr3x9OzxEnCTy1oAxyag==
x-hs-target-asset: conversations-embed/static-1.9034/bundles/project.js

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
709 B 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94176d09b9382e90f71916d8875bb97d85ce988c6844893d1451e511afadbd95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 18:13:42 GMT

GET
H2 200 down-arrow.png
cdn2.hubspot.net/hubfs/4860912/Web%20Images/ 120 B
1 KB 31ms
31ms Image
image/png 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4860912/Web%20Images/down-arrow.png
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/hs-fs/hub/4860912/hub_generated/template_assets/19369331583/1604642127796/Templates_2019/Coded_Files/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4daa4d6bc7993e19565f514eae2f3635003b35a31c22e61d03a497f7fc7d0f

Request headers

Referer: https://www.downunderenterprises.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 12 Jul 2021 18:13:42 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-21013586983,FD-20173348741,P-4860912,FLS-ALL
age: 43330
cf-polished: origSize=204, status=webp_bigger
edge-cache-tag: F-21013586983,FD-20173348741,P-4860912,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: MHBHSX9RH85K3QQ4
x-amz-id-2: 7JD6OaebTGAhIuCxVjJwSIMqm6qRrHeCeJNQoMnLJMRWLi0pjzIHQQf/RhZ4dNR2795vbNTGLSA=
accept-ranges: bytes
last-modified: Tue, 12 Nov 2019 23:18:49 GMT
server: cloudflare
etag: "5e5f6748f8e4fa4d0be80ad578e6d04d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E1lPPHep2%2B%2B8gq1lFFwDnoiXqE7%2Bhh9R2iN4bicCj21Q0dOQ%2FhdaoE2QJy7y0A1QPLXY52WuRxCsgj0IFU9n95Fo%2Fzn3JO6bK%2BEAaGEdR5aZ%2FMy4%2F7h%2FrM%2Bu5E%2B3RngVCdHg2jxSnMkH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: _hXY1hElHahapNDOxer3zTlBb4HF_jnM
x-amz-cf-pop: FRA2-C1
content-length: 120
cf-ray: 66dc3f3b88a405e4-FRA
x-amz-cf-id: ki0dVewNrt0dfouB0EZd3vAwDDn2UYjf938fKkiGw5Lq_hKF7nZcCQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 White%20Paper%20_TTO_Acne.jpg
www.downunderenterprises.com/hubfs/ 84 KB
85 KB 52ms
52ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downunderenterprises.com/hubfs/White%20Paper%20_TTO_Acne.jpg
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29dc9275435522ec9ca4540b39dbe2f22846be426e5d8c4ec61be32cd1ddf480

Request headers

:path: /hubfs/White%20Paper%20_TTO_Acne.jpg
pragma: no-cache
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; _gcl_au=1.1.995781926.1626113622
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-49852328039,P-4860912,FLS-ALL
age: 65
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49852328039,P-4860912,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="White%20Paper%20_TTO_Acne.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: EZ4WWQBGC16ATH23
cf-bgj: imgq:85,h2pri
etag: "a618504c821aebe14f5e6d62c70395b2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1625035645386
date: Mon, 12 Jul 2021 18:13:42 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=152968
x-cache: Miss from cloudfront
x-amz-meta-index-tag: none
content-length: 86266
x-amz-id-2: e23AMns/bzu3ULZBsuhQyGDvgvppHI7CeI6kiw8lBfQO9v6dIqUsghoAyCEnvHiARoQQfJxK1g0=
last-modified: Wed, 30 Jun 2021 06:47:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BEu3psocsZ0Hawr%2F8qHbg7AYFiivqX0rxnADDH0BHh2QGrGDsX%2FvG4yzea5sIL%2BnkYnIEHusHYPhMgzdY7CPGix3GpN3k1ElcLAGFtFgl4SWiZobNyV2RXwvh3cHWoWZJu9JNBaNaQe9OnN5laAHNXI25Yyl"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: POlwdUlYpEsnKTPhKeqcXT078GBEmNQg
accept-ranges: bytes
cf-ray: 66dc3f3b9ab0c2c2-FRA
x-amz-cf-id: FgOtHubZIOfMvyBxEpmdYIFXdozocuP-yNRarj35FW_Vnhz9XifGAA==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.downunderenterprises.com
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 18:00:57 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
505 B 145ms
126ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 1f140671-1d1c-4b15-ae5c-308fb844a674
x-trace: 2BB0E818555835C087A08F5CD9CA5F87399C6EDB48000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66dc3f3bdab4325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35

GET
H2 200 widget Show response
www.downunderenterprises.com/_hcms/livechat/ 3 KB
4 KB 304ms
304ms XHR
application/json 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downunderenterprises.com/_hcms/livechat/widget?portalId=4860912&conversations-embed=static-1.9034&mobile=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&traceId=208231b773e349d19a0e721bf399b4cd

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f78613ff1f52c91fed9aac24157d2c7b1e935decdcb42dae5b5ed997b060ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cfruid=b4bd2cf39a1f6325a8416264acbd3d0fd9e656a2-1626113621; _gcl_au=1.1.995781926.1626113622
x-hubspot-messages-uri: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:path: /_hcms/livechat/widget?portalId=4860912&conversations-embed=static-1.9034&mobile=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&traceId=208231b773e349d19a0e721bf399b4cd
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-HubSpot-Messages-Uri: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3cfd1fee-00d1-4192-a705-c7a4d0e86209
server: cloudflare
x-trace: 2BC1F0B186D3B6FFD044FAE81CFEFB178336193168000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u%2BbCfBMSfBtT98BJTOkpoF4FEyaN035WwP%2FHXcPDr0x%2BnojebC7olJeCu4RRW0AsqA50tnm6Agoc%2Fl5s%2F1TCf%2Fj3myR1U%2B9P%2F1Foesqziqqa3%2B9xW4zUTMhkiBNn4sTLt3F9%2B20iUTAIdbOJ7lzPgxfiWmp0"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 66dc3f3beb66c2c2-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame B71A 39 KB
20 KB 33ms
32ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZG93bnVuZGVyZW50ZXJwcmlzZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=p7nzo5pcrt45

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90f8a77f1f311bce1a04ca85ba00253441c8b50811f5226b4602ee36cddf1537

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U7fzdxYLuAULkFngTjP66Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZG93bnVuZGVyZW50ZXJwcmlzZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=p7nzo5pcrt45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Jul 2021 18:13:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-U7fzdxYLuAULkFngTjP66Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20543
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
180 B 401ms
399ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4860912

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
cf-cache-status: MISS
server: cloudflare
x-hubspot-correlation-id: 1a47a473-e55d-4207-b66a-ed5e4ab43214
x-trace: 2BDE1F9966E1FBF966C3C817A3D0ADED41585152D0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 66dc3f3c6bcb325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35

GET
H2 200 dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_appl...
adservice.google.com/ddm/fls/z/ Frame 1D5A 42 B
515 B 62ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications

Requested by

Host: 9815887.fls.doubleclick.net
URL: https://9815887.fls.doubleclick.net/activityi;dc_pre=CPjmzaaR3vECFfYfBgAdsLULKQ;src=9815887;type=siter0;cat=siter0;ord=2680344541233;gtm=2od770;auiddc=995781926.1626113622;ps=1;~oref=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9815887.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 18:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame B71A 52 KB
25 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZG93bnVuZGVyZW50ZXJwcmlzZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=p7nzo5pcrt45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 17:43:58 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame B71A 341 KB
133 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 18:00:57 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B71A 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 583992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 13 Jul 2021 00:00:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B71A 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 581446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B71A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 582170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame B71A 102 B
132 B 16ms
14ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuZG93bnVuZGVyZW50ZXJwcmlzZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=p7nzo5pcrt45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 18:13:42 GMT

GET
H2 200 208231b773e349d19a0e721bf399b4cd Show response
app.hubspot.com/conversations-visitor/4860912/threads/utk/ Frame D924 44 KB
16 KB 157ms
140ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4860912/threads/utk/208231b773e349d19a0e721bf399b4cd?uuid=6dc2f120d4a446d5bdc91d4ef53c0327&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=downunderenterprises.com&inApp53=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&url=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77d3c1370ade66f0bad60487b1f4127460dd1bb40341bb2143368ee4471ddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/4860912/threads/utk/208231b773e349d19a0e721bf399b4cd?uuid=6dc2f120d4a446d5bdc91d4ef53c0327&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=downunderenterprises.com&inApp53=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&url=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Response headers

date: Mon, 12 Jul 2021 18:13:42 GMT
content-type: text/html; charset=utf-8
cf-ray: 66dc3f3e29bf4e74-FRA
age: 3263
cache-control: max-age=600
etag: W/"d389ed3528330a97bdea059fb1afb595"
last-modified: Mon, 12 Jul 2021 01:31:50 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'unsafe-inline' 'self' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net *.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com js.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com www.fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11495/html/index.html&cfRay=66dc3f3e29bf4e74&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4860912%2Fthreads%2Futk%2F208231b773e349d19a0e721bf399b4cd%3Fuuid%3D6dc2f120d4a446d5bdc91d4ef53c0327%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Ddownunderenterprises.com%26inApp53%3Dfalse%26messagesUtk%3D208231b773e349d19a0e721bf399b4cd%26url%3Dhttps%253A%252F%252Fwww.downunderenterprises.com%252Ftea_tree_oil_white_paper_acne_applications%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue&referrer=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: tHtI-8ePGNYNdQoQYOxIY65i3QgU4fZB9CbZ-YdihxCQYgcDAq_spg==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: nRTzvtwRqp5pSYbNfjCDwxRA276Loi5I
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 3075 70 B
260 B 49ms
49ms Image
image/gif 34.254.108.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=9ciagjv&ct=0:vw3mcye&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/9ciagjv/vw3mcye/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-108-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 18:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 6D82 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3005a5c928e16e0fcd86231df37c66134d6f23c126c76f2916c3714512da5dee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xt0aiNG4UK9JVvV0iwYEbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Jul 2021 18:13:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-xt0aiNG4UK9JVvV0iwYEbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 6D82 52 KB
25 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 17:43:58 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 6D82 341 KB
133 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 18:00:57 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.149/ Frame D924 44 KB
16 KB 49ms
31ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.149/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4860912/threads/utk/208231b773e349d19a0e721bf399b4cd?uuid=6dc2f120d4a446d5bdc91d4ef53c0327&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=downunderenterprises.com&inApp53=false&messagesUtk=208231b773e349d19a0e721bf399b4cd&url=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9a3def2872b9c3bdc609f0bb45e0c351939e6b0b6f8d34bd1c7bc33f374a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
via: 1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 964629
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f402d750ebb-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 30 Jun 2021 18:18:00 GMT
server: cloudflare
etag: W/"58c2f57807f81fc9f0645351e4c0c11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rlcUD7jOhyu3JAFppQMMBTMbef4KTKydepz3KeVyfUd2XwCN6VgF35MFtqHexp3Od14ZsBAK3kWStFG9AHFxK9PliKQXLFu0Hm7RFpXK31e5HxeJ3vj6cflilEcOVqqbzV4mfMtyIOvxSXbKZAi6"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: lssrc1l0KqHuX0WyuY1Ksf3wzUwsCh6g
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZAG50-C1
content-type: application/javascript
x-amz-cf-id: bMll2YJyy8RDuCiy7TulZC4f2aP3eGDybMuWAStHOJj9bAVdXpaRhA==
expires: Tue, 12 Jul 2022 18:13:43 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame D924 20 KB
4 KB 75ms
57ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
via: 1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2409033
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 03 Mar 2021 21:09:00 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N%2FURJ2tkjAbtJfOZbzJOL9hZASoo6Yjz%2FdoNStjsTqep5bkve9zvJ0aQRZH%2FhqikRGxql4OZQPZm4BT9R0CLxYBLCys4ujnIEWG%2B4LCndWRR5Y6HTLDDz7KSW42bDnmbdWhlCAoBjDUvcRXCpUhe"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
cf-ray: 66dc3f40194c2b59-FRA
x-amz-cf-id: ty8MEdjgGU_CHYbNJ3VAGai79DmhaUdHc0j1TA7E5ppRiixT4jKtqg==
expires: Tue, 12 Jul 2022 18:13:43 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.140/ Frame D924 285 KB
84 KB 79ms
61ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.140/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11d31336d81165454b7e760f4bf50d5a678c1d64009e7d9a1663965a6859f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1039889
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f402d7a0ebb-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 20:39:15 GMT
server: cloudflare
etag: W/"cd5261d8c5cc818b9b4157fe38785198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a26snjCUd2sGf2BvA%2BQOmYfJHapzimLuoiqenVidaRmg0KNTV1mCi9mvGluBAE8Wy3YA84Uhmqz%2FpUbh%2BNB8J%2F57Wxgd2CfMUPUArqv6OgUf8v68d%2BGIqozgv5%2BiC5veT8HHr7YSmBvdV%2B3DEFz3"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: B_NA.7YtlfN8zxwz9D0xnoukWnhZ1xR0
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: NzE3zVBF7vkmR6IQ0kGvzKROdszcgGrlT1AIFPMhSm8LXt-Ae6qsOg==
expires: Tue, 12 Jul 2022 18:13:43 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11495/bundles/ Frame D924 467 KB
116 KB 78ms
60ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11495/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71ee03e7aa881eb197829a995e9985a74d271390b4da1629142529d64babaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16908
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f402d7c0ebb-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 12 Jul 2021 10:41:10 GMT
server: cloudflare
etag: W/"141c177c706358b477f3715328afe8a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4wEU%2F82HSJaahbzp0JxVRx3eE4PJQQCALXj6q2bFY%2B2BG3FpjP1Qb%2Bghzl5SeAP4xVkA9qO3gfDclfAn9SiRcuPKIZPTFMoU2eklvWu7UQF0v0GUe4Ix2RCDhBlCu%2BUqmgRFL1xYM%2BUJwYXgf0xI"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: PgoIQA4xYPH5qZZ_hNU6Cdv55GlQRLK9
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: P8in5CiiD4A7n9UTJCP7IpFo8943jMTUzLCkHLkkeYKVhp6aIiyxxA==
expires: Tue, 12 Jul 2022 18:13:43 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 6D82 35 KB
21 KB 68ms
68ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5de410aa786cf39744068b26e72ed295f22d6c80af430b9d900786e013e87d9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21641
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 18:13:43 GMT

GET
H3-29 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11456/ Frame D924 778 B
1 KB 33ms
21ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11456/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11495/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5a8199b59c8ef5395eff00858a98495c74cf40a7b4a56409f541a39821f603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1469683
x-amz-server-side-encryption: AES256
cf-ray: 66dc3f4128404a68-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 13:52:02 GMT
server: cloudflare
etag: W/"cee6671af831e0bc2f5aacea3ffcc2ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BdewhQ5nfKZuqH%2F94bRm9lqG013qiBj8LhwWwQQuGOLDqZCsZAXCmxRLHQS9B8DKJ3d8Fxd2XRImiM267E3v4lSJ8xiSyGuFNM0K5ZSq4gmShtWdlYYAH2VOEM5tS8DwMPcEzFHtyZ2h9kPXPIRu"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: kACz_iO_oT9AmEZVBZm65AnAXxteA6XM
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: QEX6sadJpMpLPgIgYSsbEwpqQ_yk6EH7fptodw4SSXtjvFFAJGaewA==
expires: Tue, 12 Jul 2022 18:13:43 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6D82 600 B
622 B 7ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 19:48:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 599130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Mon, 12 Jul 2021 19:48:13 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6D82 530 B
552 B 7ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 10:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 547787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 13 Jul 2021 10:03:56 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6D82 665 B
687 B 7ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 22:47:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 588365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Mon, 12 Jul 2021 22:47:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D82 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 581447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D82 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:41:59 GMT
x-content-type-options: nosniff
age: 574304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:41:59 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D82 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 582171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H2 200 payload
www.google.com/recaptcha/enterprise/ Frame 6D82 21 KB
21 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq25dljlO-z1TZsy5JUJTjd_KkYq__xrB1qTGrpMuLgIXOgRtA-YCi2niG408RmdISyTdBmm1X0xUqZD2EOmY0KwR-RXYQmxCShxhRHuSDuLXLS-BnwkThwILq0CGYf6nmmLrUTb6DG50OG8LLGgkg5moF8upUfBMQ-0D4MNt7l3fQkl2MkU2Xn1br4V_5XgN1ao2Whhe_oPfsESUV9UjCEbcWZhttg&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c8a63f142de805b18df142ad52c05adda50e9a4749d4b8e3bef28b119100993

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=wb6agz52vvru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21856
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 18:13:43 GMT

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner/activity/ Frame 0
0 398ms
383ms Preflight
application/octet-stream 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Protocol: H2
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.downunderenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.downunderenterprises.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66dc3f424ad3073e-FRA

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner/activity/ 0
85 B 123ms
123ms XHR
text/plain 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/4860912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 18:13:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: ee6e4f2a-b8ae-40df-98cb-ea905c8b7df1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.downunderenterprises.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 66dc3f44a9b6073e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
407 B 39ms
37ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=0a9e71d8-8f95-4b5a-ae8b-537a030df1d3&fci=82cad3a6-65b9-4e8b-b980-fcc78f884435&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4860912&pi=49849936196&ct=landing-page&ccu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&cpi=49849936196&lpi=49849936196&lvi=49849936196&lvc=en&pu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&t=White+Paper%3A+Applications+of+Tea+Tree+Oil+for+Acne+Vulgaris&cts=1626113623392&vi=c8f2102bd819ebeba1456646c2335c5d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ef2490ef-6c79-4915-b63f-8d3cf5a2e751
cf-ray: 66dc3f424cda4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XNAwlzIHmu5bMqLNQtQ3Uj5VKpLLuJqBGDyahxPK242%2BaU%2FSks%2Fo6ZNnrJyWC8Qs8T1yjxjshav6OolO5PWFMoc2Su2CoG%2FBa1L8%2BVAdYyYHmuJaojxwW1iBk%2BJY5g4kVmWAuHIX4TZGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
403 B 37ms
35ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0a9e71d8-8f95-4b5a-ae8b-537a030df1d3&fci=82cad3a6-65b9-4e8b-b980-fcc78f884435&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4860912&pi=49849936196&ct=landing-page&ccu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&cpi=49849936196&lpi=49849936196&lvi=49849936196&lvc=en&pu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&t=White+Paper%3A+Applications+of+Tea+Tree+Oil+for+Acne+Vulgaris&cts=1626113623403&vi=c8f2102bd819ebeba1456646c2335c5d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fb42f680-d2d8-4554-9d4f-f6f51c93e70a
cf-ray: 66dc3f424cdc4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9DKX4VOXl%2FSqfXi5Bfrh7AMZnh7dVwdhO5PynW0UYCmHLi0YsyymZiiULSShU5NxQ%2FH8PdoPoLYypsS34BuMO5ADcYLqJuQYR799YR3tJlWdDwVbLLqJvMt4xET%2BQHObmNSn0tZrzCufvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
520 B 29ms
27ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4860912&pi=49849936196&ct=landing-page&ccu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&cpi=49849936196&lpi=49849936196&lvi=49849936196&lvc=en&pu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&t=White+Paper%3A+Applications+of+Tea+Tree+Oil+for+Acne+Vulgaris&cts=1626113623404&vi=c8f2102bd819ebeba1456646c2335c5d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d13c0eb9-aad0-46c9-8914-7bdaa657e8d2
cf-ray: 66dc3f424cdd4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k5gy%2BfHZjhcWDGSDTiFKS44nO9V3UicYnkSW9ZS16abNeB4aHgq95k8X%2BnxBtE0GUWKd4iTMnR5C8Cf6XBzr8x7KbCKqiOtOdigQ833%2Fi3rfvrownoBjLn2av%2Bsm%2FiXWHMV3q0kZ1T7kBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 204 rhumb
api.hubspot.com/cartographer/v1/ Frame D924 0
1 KB 147ms
145ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11495

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11495/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Jul 2021 18:13:43 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b2a9f1bb-bffb-4552-ad3a-a7641c6d4f53
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O0ntv57V%2BXeyYvDXudACFfKZJerYYKuBIlcrp0XfQyqIty0F77w9o4r%2Bz%2Bi%2BsQ%2BAfFHD8VsQlD6iKV92%2B0IpH0P94M%2FFRqQH5Lrf%2BPJQ8AUyvWuWECZyZHiaZRsBNpXhX0%2FA%2B81akG0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 66dc3f428d904e74-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

POST
H2 200 perf Show response
www.downunderenterprises.com/_hcms/ 2 B
670 B 176ms
176ms XHR
text/plain 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downunderenterprises.com/_hcms/perf
Requested by: Host: www.downunderenterprises.com
URL: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-fetch-mode: cors
origin: https://www.downunderenterprises.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 817
:path: /_hcms/perf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 66dc3f54dd7dc2c2-FRA
date: Mon, 12 Jul 2021 18:13:46 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: b0019312-1971-47e2-bee6-44dfdb4bee85
x-trace: 2B3A9A012D04A6E617984D4868BF0844FE4CEFD5EC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gITRl%2BpO%2F5k5KaxLUFzGEguyNMLQ5CG5J72IeFdNxdT3xoAvwltt0CkhSrm07ai6I2mjJfa%2BRjfdTz%2F44kur0Dh6EyHXtTke3FtKZq6QGix8QFPKdUE%2BTnZrDdQgwXhkv%2F3bXlOGEryeJBfbhYNDOwqVlgef"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
set-cookie: __cfruid=ba2acaf2613e32715b2d802f4a699cdadbe62756-1626113626; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
x-robots-tag: none
content-length: 2

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 5 KB
2 KB 165ms
147ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4860912&contentId=49849936196&currentUrl=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

908d0649bcf0725fdf19095ae6974e649d08582b7ae68c83347a3d8d101f19fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 44ad5dfe-a4ec-4ccc-8960-e22a3aa26079
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qz%2FZLD0cowk%2FzGYQkTF7hN8PHGqa78eHeTELCX6DbPf2B0Gfdb5mP7O7Qay6UhtNAROARQhZIkHQPYHe2rxY%2FHazGQUjBmwbxtl0yOM%2B4H18pVhYvef5WlpzNShUu5O85etoUgntpwY0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.downunderenterprises.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 66dc3f7a9f79dff7-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
462 B 40ms
40ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=ba72c6cb-e77b-4a09-aca7-93ef2d2f4ff0&lfi=1828521&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4860912&pi=49849936196&ct=landing-page&ccu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&cpi=49849936196&lpi=49849936196&lvi=49849936196&lvc=en&pu=https%3A%2F%2Fwww.downunderenterprises.com%2Ftea_tree_oil_white_paper_acne_applications&t=White+Paper%3A+Applications+of+Tea+Tree+Oil+for+Acne+Vulgaris&cts=1626113632564&vi=c8f2102bd819ebeba1456646c2335c5d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:13:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a4601d96-e430-48b7-abfd-68564d7674e1
cf-ray: 66dc3f7b8d4d4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BrUFfWnns0fZ2tVQKmbv06QyLgBztH3ApK2KjaQlUgIAsFve28Q3XrnTLqySZbea0p2Kh%2BNpSKPRAkpEuRgNsiy7kYO%2Fu4sZyGqrWVFPZXp%2FWLq8k1W52SO4VL7XPpZ5gqUGSfJownpUUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 Ecovadis%20Platinum%202021.png
www.downunderenterprises.com/hubfs/ 148 KB
149 KB 51ms
51ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downunderenterprises.com/hubfs/Ecovadis%20Platinum%202021.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a5e169fb0ec2a4f9a5111ce0fd097a455fe03a0395787d66c79aac29d4bd33

Request headers

:path: /hubfs/Ecovadis%20Platinum%202021.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.downunderenterprises.com
referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.downunderenterprises.com/tea_tree_oil_white_paper_acne_applications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-44653549844,P-4860912,FLS-ALL
age: 43540
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44653549844,P-4860912,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Ecovadis%20Platinum%202021.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: WNSNJ2BCHYY4W296
cf-bgj: imgq:85,h2pri
etag: "85630f2cfff249bfaa387c290f266939"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1617838378812
date: Mon, 12 Jul 2021 18:13:53 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=443278
x-cache: Miss from cloudfront
x-amz-meta-index-tag: all
content-length: 151646
x-amz-id-2: +PHpGWJvPmln1XsZ/uCVlJRf5O6xEVfA1tKDMuJk8aHM7qD00LhVxQFcaCVfP6BacquagpEPLls=
last-modified: Wed, 07 Apr 2021 23:33:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ft6gtZfQsQ3JBs%2Fe82VmsGOviZTmbKoMEO65uSMHwjblBcTNVb446YZEixAOxpmGS35b%2Fsyr8AmDcwL96R6U6iKyucI0MpE4R1YMx%2FKc89e55qu8qXq62LEBfg16udTDip4i4yECAx8%2B5%2FqgTdKe28meHu9S"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1NomYwqjq5sE2dZR0._efOLsK9pOil4D
set-cookie: __cfruid=5ac6e97d8d569320707d205c5c8869589c17e6f2-1626113633; path=/; domain=.www.downunderenterprises.com; HttpOnly; Secure; SameSite=None
accept-ranges: bytes
cf-ray: 66dc3f81cc6dc2c2-FRA
x-amz-cf-id: UIlXkBBs6l3TQmzDpiV7CL5CK6g6GrX69fc_IqFy--JkgeBwuFGErg==

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9815887.fls.doubleclick.net
adservice.google.com
api.hubspot.com
app.hubspot.com
assets.adobedtm.com
cdn2.hubspot.net
d1eoo1tco6rr5e.cloudfront.net
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
insight.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
perf.hsforms.com
static.hsappstatic.net
track.hubspot.com
trust.profiles.eco
www.downunderenterprises.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.rumiview.com
13.32.25.53
142.250.185.102
199.185.0.231
2606:2c40::c73c:671f
2606:4700::6810:5605
2606:4700::6811:47b0
2606:4700::6811:81ab
2606:4700::6811:9d2
2606:4700::6811:e8cc
2606:4700::6811:eccc
2606:4700::6811:f4cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a02:26f0:6c00:28a::1e80
34.254.108.170
52.222.150.145
0a4daa4d6bc7993e19565f514eae2f3635003b35a31c22e61d03a497f7fc7d0f
137550ad4d9cfa543b99c1f7c7309ea62089b299efdcb245a8981c9342eedab1
18f78613ff1f52c91fed9aac24157d2c7b1e935decdcb42dae5b5ed997b060ce
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cbaa551c65d4141b67eeb665be0c32de12428ff0e2d01cc662493acb10bea34
273d44f76a2259ceacdb278335c84c20071762ce72e3a0f504036f8870f112d1
29dc9275435522ec9ca4540b39dbe2f22846be426e5d8c4ec61be32cd1ddf480
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3005a5c928e16e0fcd86231df37c66134d6f23c126c76f2916c3714512da5dee
3220688f54742c63eed643a017ae2dcbfd0876c6b10cd9c05a92b885468b9026
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
3d142e758e020032270136ba5688c240d9a45b3d206bc423e6b17724dcd38128
3deb2a6295e260738f6a0b484f7a437292f2e1d731890a13c147f3a9c4a68e00
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
434c52c31025206a9297c5c61051906609efa115704ad672e43093bb1855b202
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574b10c3beed7a68e15936eb5d289d7c68e46786e7ad4ceb85d4a9f54975b866
59d666f356fbd1c5b2ed351c241f82adfab01cfea76230ae1b2ee96699e92f29
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d9a3def2872b9c3bdc609f0bb45e0c351939e6b0b6f8d34bd1c7bc33f374a4e
5de410aa786cf39744068b26e72ed295f22d6c80af430b9d900786e013e87d9c
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c8a63f142de805b18df142ad52c05adda50e9a4749d4b8e3bef28b119100993
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7c2a277c6070ab079fe4ff7c4d881d86612ce83b5ddedfbd8459e950fb7e54b4
7ff15ba580c0491eb20848de7c7ba5c25b04075335aabef4455d2ddd5c8df19e
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
853a34dafb071041464fbe495a845ffeeeab79afee39d7dc07ab1e0a379a9c61
86df3040b6dbd928fe899766f6ddbf4c6407785f21e6c2a6b6302d51becf9cf8
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908d0649bcf0725fdf19095ae6974e649d08582b7ae68c83347a3d8d101f19fb
90f8a77f1f311bce1a04ca85ba00253441c8b50811f5226b4602ee36cddf1537
94176d09b9382e90f71916d8875bb97d85ce988c6844893d1451e511afadbd95
a11d31336d81165454b7e760f4bf50d5a678c1d64009e7d9a1663965a6859f59
a3ab62d070a6152ab6c46fe0c08179849263c9c34d385c1bfe9faa0a56e7f6fa
a71ee03e7aa881eb197829a995e9985a74d271390b4da1629142529d64babaa5
aa8f98ad518df97fb35059f4a8105dc6f572b17e3f4ae934cb9193cd2843d5ae
ab46a8e067169b8d08a06e6464db1062d802fbdce2ab241fe184acd3b0c85481
be5a8199b59c8ef5395eff00858a98495c74cf40a7b4a56409f541a39821f603
bf9d822e852c6aabf9e5dc23fd40590fc8867b5bc0fe3adebd5652417aedb018
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d0e9c382974b381ed15b7a6cb9be912242269a32a6b9ddfcf490dc749e3e4594
d7b14e8cbc68c5ca532d84f66d7ef45f7d5c89a2602da2e6f19cfd56f867e621
d86e3e5596108c9411494ed3c1dddfd812750126864620f4e88b65f368d4f89a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a38b04932e2ad77d85997f5cef0de384ecc1bb0b854cf619cb32501158692e
e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a
e8a5e169fb0ec2a4f9a5111ce0fd097a455fe03a0395787d66c79aac29d4bd33
e91b14af6845a1467ae2abd1ec69d9c83184e76d3ac37d28c18f33bb91800611
e948723ae61dedda395f9ffb83e45fee21fd7c3cb636ed4c36565f3e7a7da0de
eeb64dd5758f718909b362f2da45d81933e374000ea43f439fbb4408ddf4fbcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e966dba9ce9660e8db166e39c0c79ec50d1f44373a9006ac2270f1a597b6d5
f77d3c1370ade66f0bad60487b1f4127460dd1bb40341bb2143368ee4471ddc6
f8256587ef4143cd080a6ca897c60fa0e7056e8e385733ee071cc91596e6a8ea
fc1aef90a382654d13406af9eef8d597a2273ceaf8ac685ac65033fb752669b3

www.downunderenterprises.com Open in urlscan Pro 2606:2c40::c73c:671f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

79 %IPv6

19 Domains

25 Subdomains

24 IPs

3 Countries

2800 kBTransfer

5715 kBSize

0 Cookies

4 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.downunderenterprises.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

79 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

2800 kB
Transfer

5715 kB
Size

0
Cookies

76 HTTP transactions
0 data transactions