www.stuff.co.nz Open in urlscan Pro
2a02:26f0:3500:592::3871 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Submission: On September 07 via api (September 7th 2022, 7:18:04 pm UTC) from US — Scanned from DE

Summary HTTP 249 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 64 IPs in 9 countries across 45 domains to perform 249 HTTP transactions. The main IP is 2a02:26f0:3500:592::3871, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.stuff.co.nz. The Cisco Umbrella rank of the primary domain is 202185.
TLS certificate: Issued by DigiCert ECC Secure Server CA on February 21st 2022. Valid for: 7 months.

This is the only time www.stuff.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	2a02:26f0:350... 2a02:26f0:3500:592::3871	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:ea:... 2a02:26f0:ea:489::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.190.72.53 35.190.72.53	15169 (GOOGLE) (GOOGLE)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225e:d600:1a:9e13:5280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.36 13.225.78.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	3.248.73.132 3.248.73.132	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	152.67.105.100 152.67.105.100	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	13.225.78.86 13.225.78.86	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::ac43:bf95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:69b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:e::1732:834e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
32	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
15	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	13.224.189.3 13.224.189.3	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.41 13.224.189.41	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:206... 2600:9000:206e:a00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2600:9000:206... 2600:9000:206e:de00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	34.255.225.203 34.255.225.203	16509 (AMAZON-02) (AMAZON-02)
1 1	52.215.56.149 52.215.56.149	16509 (AMAZON-02) (AMAZON-02)
1	52.30.241.123 52.30.241.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:e400:1e:9232:ebc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
15	13.32.110.125 13.32.110.125	16509 (AMAZON-02) (AMAZON-02)
2	151.101.194.227 151.101.194.227	54113 (FASTLY) (FASTLY)
1	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.201.100 35.227.201.100	15169 (GOOGLE) (GOOGLE)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:219c:3200:1b:11ff:f600:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	184.29.193.239 184.29.193.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.66.227 151.101.66.227	54113 (FASTLY) (FASTLY)
1	13.54.9.50 13.54.9.50	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	54.171.98.27 54.171.98.27	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:10e... 2a02:26f0:10e:38f::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2600:9000:206... 2600:9000:206e:9c00:1d:ff29:58c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.205.239.15 23.205.239.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.16.88.31 52.16.88.31	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:7c00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	54.80.61.218 54.80.61.218	14618 (AMAZON-AES) (AMAZON-AES)
1	34.249.4.48 34.249.4.48	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.214.109 52.17.214.109	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2013	15169 (GOOGLE) (GOOGLE)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
249	64

43 2a02:26f0:3500:592::3871 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interactives.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:ea:489::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.72.190.35.bc.googleusercontent.com

static.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

sdk.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:d600:1a:9e13:5280:93a1 (United States)

ASN16509 (AMAZON-02, US)

videos.oovvuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-36.fra2.r.cloudfront.net

dashboard.presspatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.248.73.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.67.105.100 (Bungarribee, Australia)

ASN31898 (ORACLE-BMC-31898, US)

stuffnz-sydney.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-86.fra2.r.cloudfront.net

cdn.kdaimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:69b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:e::1732:834e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o68184.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.neighbourly.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.neighbourly.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

widgets.neighbourly.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.189.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-3.fra2.r.cloudfront.net

www.playwidget.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-41.fra2.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206e:a00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206e:de00:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

experience-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.50.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.225.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-225-203.eu-west-1.compute.amazonaws.com

fairfax.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.56.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-56-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.241.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-241-123.eu-west-1.compute.amazonaws.com

fairfaxnz.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:e400:1e:9232:ebc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.ffxpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.32.110.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-125.vie50.r.cloudfront.net

cf-images.ap-southeast-2.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.227 (United States)

ASN54113 (FASTLY, US)

resources.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.201.100 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 100.201.227.35.bc.googleusercontent.com

events.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

somniture.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:3200:1b:11ff:f600:21 (United States)

ASN16509 (AMAZON-02, US)

d867x8xq12ag.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.29.193.239 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-193-239.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.227 (United States)

ASN54113 (FASTLY, US)

adfeeds.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.54.9.50 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-9-50.ap-southeast-2.compute.amazonaws.com

adapi.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.98.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:10e:38f::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:206e:9c00:1d:ff29:58c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.neighbourly.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.88.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-88-31.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.61.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-61-218.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.4.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-4-48.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.214.109 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	neighbourly.co.nz cdn.neighbourly.co.nz — Cisco Umbrella Rank: 471507 www.neighbourly.co.nz — Cisco Umbrella Rank: 358146 widgets.neighbourly.co.nz — Cisco Umbrella Rank: 785589 cdn2.neighbourly.co.nz — Cisco Umbrella Rank: 651335	2 MB
52	stuff.co.nz 1 redirects www.stuff.co.nz — Cisco Umbrella Rank: 202185 interactives.stuff.co.nz — Cisco Umbrella Rank: 553652 static3.stuff.co.nz — Cisco Umbrella Rank: 757635 www.playwidget.stuff.co.nz — Cisco Umbrella Rank: 911402 my.stuff.co.nz — Cisco Umbrella Rank: 401720 resources.stuff.co.nz — Cisco Umbrella Rank: 257346 somniture.stuff.co.nz — Cisco Umbrella Rank: 522681 adfeeds.stuff.co.nz — Cisco Umbrella Rank: 519751 adapi.stuff.co.nz — Cisco Umbrella Rank: 551865	1 MB
15	boltdns.net cf-images.ap-southeast-2.prod.boltdns.net — Cisco Umbrella Rank: 96386	2 MB
12	piano.io experience-au.piano.io — Cisco Umbrella Rank: 467501 code.piano.io — Cisco Umbrella Rank: 38348 buy-au.piano.io — Cisco Umbrella Rank: 344973 c2-au.piano.io — Cisco Umbrella Rank: 325610 i.piano.io — Cisco Umbrella Rank: 49997	252 KB
11	imrworldwide.com 2 redirects cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2629 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2066 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2541 xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com	80 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	90 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 ajax.googleapis.com — Cisco Umbrella Rank: 480	16 KB
8	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 297 fairfax.demdex.net — Cisco Umbrella Rank: 446052	10 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5632 p1cluster.cxense.com — Cisco Umbrella Rank: 10706 comcluster.cxense.com — Cisco Umbrella Rank: 5366 id.cxense.com — Cisco Umbrella Rank: 11107	67 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 553	149 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474 amplifypixel.outbrain.com — Cisco Umbrella Rank: 19889 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337 odb.outbrain.com — Cisco Umbrella Rank: 1813 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995	75 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1392 t.teads.tv — Cisco Umbrella Rank: 2658	134 KB
5	gstatic.com fonts.gstatic.com	106 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	131 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	79 KB
4	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 4150 l3.aaxads.com — Cisco Umbrella Rank: 6856	131 KB
4	apester.com 1 redirects static.apester.com — Cisco Umbrella Rank: 18782 sdk.apester.com — Cisco Umbrella Rank: 19910 events.apester.com — Cisco Umbrella Rank: 18207	65 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2436 load77.exelator.com — Cisco Umbrella Rank: 4165	2 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3797 collector.brandmetrics.com — Cisco Umbrella Rank: 4155	17 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1087	585 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1847 beacon.krxd.net — Cisco Umbrella Rank: 741	528 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4001 p1.parsely.com — Cisco Umbrella Rank: 3342	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	92 KB
2	sajari.com cdn.sajari.com — Cisco Umbrella Rank: 112906 re.sajari.com — Cisco Umbrella Rank: 131216	23 KB
2	akamaihd.net ds-aksb-a.akamaihd.net — Cisco Umbrella Rank: 7174	5 KB
2	presspatron.com dashboard.presspatron.com — Cisco Umbrella Rank: 91063	12 KB
1	media.net c21lg-d.media.net — Cisco Umbrella Rank: 3461	329 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 2012	175 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 1115	214 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 10346	342 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 775	476 B
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	cloudfront.net d867x8xq12ag.cloudfront.net	746 B
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265	464 B
1	ffxpub.com sdk.ffxpub.com — Cisco Umbrella Rank: 656281	20 KB
1	omtrdc.net fairfaxnz.tt.omtrdc.net — Cisco Umbrella Rank: 476854	719 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1651	517 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2028	36 KB
1	sentry.io o68184.ingest.sentry.io — Cisco Umbrella Rank: 501474	277 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 5861	3 KB
1	kdaimo.com cdn.kdaimo.com — Cisco Umbrella Rank: 39600	4 KB
1	gscontxt.net stuffnz-sydney.gscontxt.net — Cisco Umbrella Rank: 447598	302 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	28 KB
1	oovvuu.com videos.oovvuu.com — Cisco Umbrella Rank: 393345
249	45

	Domain	Requested by
36	www.stuff.co.nz	www.stuff.co.nz www.playwidget.stuff.co.nz widgets.neighbourly.co.nz
32	cdn.neighbourly.co.nz	www.stuff.co.nz cdn.neighbourly.co.nz www.neighbourly.co.nz widgets.neighbourly.co.nz
15	cf-images.ap-southeast-2.prod.boltdns.net	www.playwidget.stuff.co.nz
15	widgets.neighbourly.co.nz	www.stuff.co.nz widgets.neighbourly.co.nz
10	cdn2.neighbourly.co.nz	widgets.neighbourly.co.nz
9	cdnjs.cloudflare.com	buy-au.piano.io
7	fonts.googleapis.com	www.stuff.co.nz www.playwidget.stuff.co.nz cdn.neighbourly.co.nz widgets.neighbourly.co.nz
7	assets.adobedtm.com	www.stuff.co.nz assets.adobedtm.com
6	buy-au.piano.io	code.piano.io www.stuff.co.nz buy-au.piano.io
6	dpm.demdex.net	assets.adobedtm.com www.stuff.co.nz
5	fonts.gstatic.com	fonts.googleapis.com
5	my.stuff.co.nz	1 redirects www.stuff.co.nz my.stuff.co.nz
5	www.google-analytics.com	assets.adobedtm.com www.stuff.co.nz d867x8xq12ag.cloudfront.net www.googletagmanager.com
4	cdn.cxense.com	code.piano.io cdn.cxense.com
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.stuff.co.nz
4	cdn-gl.imrworldwide.com	www.stuff.co.nz cdn-gl.imrworldwide.com
4	www.playwidget.stuff.co.nz	www.stuff.co.nz www.playwidget.stuff.co.nz
3	a.teads.tv	www.stuff.co.nz a.teads.tv
3	i.piano.io	buy-au.piano.io
3	c.aaxads.com	www.stuff.co.nz c.aaxads.com
3	www.neighbourly.co.nz	www.stuff.co.nz cdn.neighbourly.co.nz
2	t.teads.tv
2	sync.crwdcntrl.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	secure-dcr.imrworldwide.com	www.stuff.co.nz
2	loadm.exelator.com	2 redirects
2	www.googletagmanager.com	cdn.neighbourly.co.nz www.neighbourly.co.nz
2	events.apester.com	www.stuff.co.nz
2	resources.stuff.co.nz	www.playwidget.stuff.co.nz www.stuff.co.nz
2	securepubads.g.doubleclick.net	www.googletagservices.com www.stuff.co.nz
2	fairfax.demdex.net	assets.adobedtm.com www.neighbourly.co.nz
2	ds-aksb-a.akamaihd.net	www.stuff.co.nz
2	cdn.brandmetrics.com	www.stuff.co.nz cdn.brandmetrics.com
2	dashboard.presspatron.com	www.stuff.co.nz dashboard.presspatron.com
2	widgets.outbrain.com	www.stuff.co.nz widgets.outbrain.com
1	c21lg-d.media.net	c.aaxads.com
1	re.sajari.com	www.stuff.co.nz
1	ajax.googleapis.com	buy-au.piano.io
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	beacon.krxd.net	www.stuff.co.nz
1	usermatch.krxd.net	1 redirects
1	p1cluster.cxense.com	cdn.cxense.com
1	x.dlx.addthis.com	1 redirects
1	mcdp-nydc1.outbrain.com	www.stuff.co.nz
1	l3.aaxads.com	www.stuff.co.nz
1	xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com	www.stuff.co.nz
1	token.rubiconproject.com	www.stuff.co.nz
1	www.aaxdetect.com	www.stuff.co.nz
1	load77.exelator.com	www.stuff.co.nz
1	odb.outbrain.com	widgets.outbrain.com
1	p1.parsely.com	www.stuff.co.nz
1	c2-au.piano.io	www.stuff.co.nz
1	aa.agkn.com	1 redirects
1	www.google.de	www.stuff.co.nz
1	www.google.com	www.stuff.co.nz
1	adapi.stuff.co.nz	www.stuff.co.nz
1	adfeeds.stuff.co.nz	www.stuff.co.nz
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	stats.g.doubleclick.net	www.stuff.co.nz
1	cdn.parsely.com	www.stuff.co.nz
1	d867x8xq12ag.cloudfront.net	dashboard.presspatron.com
1	code.piano.io	experience-au.piano.io
1	somniture.stuff.co.nz	www.stuff.co.nz
1	widget-pixels.outbrain.com	www.stuff.co.nz
1	tcheck.outbrainimg.com	www.stuff.co.nz
1	sdk.ffxpub.com	www.stuff.co.nz
1	fairfaxnz.tt.omtrdc.net	www.stuff.co.nz
1	cm.everesttech.net	1 redirects
1	amplifypixel.outbrain.com	www.stuff.co.nz
1	cdn.sajari.com	www.stuff.co.nz
1	experience-au.piano.io	www.stuff.co.nz
1	ats.rlcdn.com	www.stuff.co.nz
1	static3.stuff.co.nz	www.stuff.co.nz
1	interactives.stuff.co.nz	www.stuff.co.nz
1	o68184.ingest.sentry.io	www.stuff.co.nz
1	www.npttech.com	www.stuff.co.nz
1	cdn.kdaimo.com	www.stuff.co.nz
1	stuffnz-sydney.gscontxt.net	www.stuff.co.nz
1	www.googletagservices.com	www.stuff.co.nz
1	videos.oovvuu.com	www.stuff.co.nz
1	sdk.apester.com	www.stuff.co.nz
1	static.apester.com	1 redirects
249	83

This site contains links to these domains. Also see Links.

Domain
interactives.stuff.co.nz
advertise.stuff.co.nz
stuff.co.nz
www.stuffads.co.nz
play.stuff.co.nz
neighbourly.co.nz
mags4gifts.co.nz
www.ensemblemagazine.co.nz
www.stuffevents.co.nz
coupons.stuff.co.nz
dashboard.presspatron.com
www.neighbourly.co.nz
travel-booking.stuff.co.nz
wildclean.com
deaths.stuff.co.nz
careers.stuff.co.nz
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.stuff.co.nz DigiCert ECC Secure Server CA	`2022-02-21` - `2022-10-05`	7 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
videos.oovvuu.com Amazon	`2021-12-17` - `2023-01-15`	a year	crt.sh
dashboard.presspatron.com Amazon	`2022-02-16` - `2023-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
cdn.kdaimo.com Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.neighbourly.co.nz R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
playwidget.stuff.co.nz Amazon	`2022-05-07` - `2023-06-05`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
cdn.sajari.com GTS CA 1D4	`2022-07-25` - `2022-10-23`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
ffxpub.com Amazon	`2022-06-25` - `2023-07-24`	a year	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
events.apester.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
somniture.stuff.co.nz DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
*.stuff.co.nz Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
re.sajari.com GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Frame ID: 10C713DB950A747A8C4085E6EE35CC4D
Requests: 101 HTTP requests in this frame

Frame: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Frame ID: C00D5FF366AF5CC6C730DB2EE7606974
Requests: 14 HTTP requests in this frame

Frame: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Frame ID: 479AAD5A1830C3F23D5D8BB0FF839A96
Requests: 19 HTTP requests in this frame

Frame: https://widgets.neighbourly.co.nz/showcaseplus
Frame ID: 848FE2CC25B48AEF1BBEBAE40FC91649
Requests: 50 HTTP requests in this frame

Frame: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Frame ID: 16296FFD6605B63AFDF0352EFD001B62
Requests: 27 HTTP requests in this frame

Frame: https://fairfax.demdex.net/dest5.html?d_nsid=0
Frame ID: D4579890FC94B61BE06314A7605A72B8
Requests: 8 HTTP requests in this frame

Frame: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792
Frame ID: ACC348007331AF6B2463947AF6994C4A
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.presspatron.com/websites/153/custom_button
Frame ID: F13AFC05B8B7C62459C072DA92B9FCA7
Requests: 3 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 2152163CD8393779A19B6B1B1A69D8CD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 1F647816C4DE1FDD27BD8F889B7310CF
Requests: 3 HTTP requests in this frame

Frame: https://my.stuff.co.nz/session-management
Frame ID: 8077E21310F670CBF1ED870DE6E3F7A4
Requests: 3 HTTP requests in this frame

Frame: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OT7A8RZIFO4E&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_d69a7ec253276449135a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
Frame ID: E7CF9A2BD97753C52E2D8C57072BB5C0
Requests: 17 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 121D078EA14E5BBAC2ABAC4606C9D1A8
Requests: 4 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=263%2C167%2C89%2C310%2C203%2C368%2C206%2C292%2C271%2C241%2C251%2C356%2C272%2C213%2C282%2C209%2C229%2C195%2C267%2C3004%2C159%2C214&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 9E6E7BCD61209DFC2DC1E27AA3795DF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware attack: Waikato DHB supporting patients after documents dumped online | Stuff.co.nzFacebookTwitterWhatsAppRedditEmailFacebookTwitterWhatsAppRedditEmailFacebookTwitterSnapchatShielded Site

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react
react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

249
Requests

96 %
HTTPS

39 %
IPv6

45
Domains

83
Subdomains

64
IPs

9
Countries

6795 kB
Transfer

12338 kB
Size

50
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://interactives.stuff.co.nz/2020/03/support-stuffs-journalism/?utm_supportprogramme=navigationbar
Title: contribute

Search URL Search Domain Scan URL

URL: https://advertise.stuff.co.nz/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/10648385/Privacy-Policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/33785/Contact-Us
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.stuffads.co.nz/
Title: stuff ads

Search URL Search Domain Scan URL

URL: https://play.stuff.co.nz/
Title: Play Stuff

Search URL Search Domain Scan URL

URL: https://neighbourly.co.nz/
Title: neighbourly

Search URL Search Domain Scan URL

URL: https://mags4gifts.co.nz/
Title: mags4gifts

Search URL Search Domain Scan URL

URL: https://www.ensemblemagazine.co.nz/
Title: Ensemble

Search URL Search Domain Scan URL

URL: https://www.stuffevents.co.nz/
Title: stuff events

Search URL Search Domain Scan URL

URL: https://coupons.stuff.co.nz/
Title: stuff coupons

Search URL Search Domain Scan URL

URL: https://dashboard.presspatron.com/donations/new?frame=1&t=TJu26zZFBKa635NQ13AZRn8S

Search URL Search Domain Scan URL

URL: https://www.neighbourly.co.nz/
Title: Neighbourly

Search URL Search Domain Scan URL

URL: https://travel-booking.stuff.co.nz/
Title: Travel Bookings

Search URL Search Domain Scan URL

URL: https://wildclean.com/
Title: WildClean

Search URL Search Domain Scan URL

URL: https://deaths.stuff.co.nz/obituaries/stuff-nz
Title: Family Notices

Search URL Search Domain Scan URL

URL: https://careers.stuff.co.nz/
Title: Careers

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/10647720/Stuffs-terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Stuff.co.nz
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NZStuff
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://static.apester.com/js/sdk/latest/apester-sdk.js HTTP 301
https://sdk.apester.com/web-sdk.core.legacy.min.js

Request Chain 45

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=26050201013146273894431301852634562067 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxjuZQAAAGQMNwOV

Request Chain 57

https://my.stuff.co.nz/authorize?client_id=6380a421-afcd-45b4-b9ab-393d3f105da3&redirect_uri=https%3A%2F%2Fwww.stuff.co.nz%2Fstatic%2Fstuff-login-browser-sdk%2F1.2.3%2Fcallback%2Fsignin-callback.html&response_type=id_token%20token&scope=openid%20profile%20email%20address&state=082ff4aecefa433baaef0fd6568c0814&nonce=8a99d3cc7c8e4f9986d2d9cc505fb1cf&prompt=none HTTP 302
https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792

Request Chain 119

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=26050201013146273894431301852634562067 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204267003761744

Request Chain 130

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=26050201013146273894431301852634562067 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=26050201013146273894431301852634562067&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 163

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-dd6fefae2a929fb629b3b705e4ec8e5d HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-dd6fefae2a929fb629b3b705e4ec8e5d&ja=1

Request Chain 173

https://x.dlx.addthis.com/e/demdex_sync?na_exid=26050201013146273894431301852634562067&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090719175800055375617600

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjYwNTAyMDEwMTMxNDYyNzM4OTQ0MzEzMDE4NTI2MzQ1NjIwNjc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjYwNTAyMDEwMTMxNDYyNzM4OTQ0MzEzMDE4NTI2MzQ1NjIwNjc=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDeHDS-h_CDV5mRTC2YQkCk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 180

https://usermatch.krxd.net/um/v2?partner=adobe&id=26050201013146273894431301852634562067 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=26050201013146273894431301852634562067

Request Chain 185

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=26050201013146273894431301852634562067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=26050201013146273894431301852634562067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

249 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online Show response
www.stuff.co.nz/business/125592089/ 130 KB
38 KB 630ms
540ms Document
text/html 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Varnish / Express

Resource Hash

4f66651f92d5d54302d0bfbd1fdfda6eec032bc25405941d538268c13a70e004

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=180
content-encoding: gzip
content-length: 37836
content-security-policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 19:17:57 GMT
etag: W/"1f068-fWPTAs9lmqGH+CNvT2aL5Uu2ZAE"
expires: Wed, 07 Sep 2022 19:20:57 GMT
server: Varnish
server-timing: serverLoadProps=597; "Server load props time", serverRender=5; "Server render time", total=632.9901699999999; "Total Response Time"
vary: Accept-Encoding
x-akamai-transformed: 9 36059 0 pmb=mTOE,2mRUM,1
x-cache-origin: HIT:Varnish
x-esi-enable: 1
x-lastbigmodificationtime: Tue, 29 Jun 2021 05:08:04 GMT
x-lastpublishtime: Tue, 29 Jun 2021 05:08:05 GMT
x-powered-by: Express
x-sics-version: 7.18.10
x-varnish: 68672735 1809289

GET
H2 200 launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js Show response
assets.adobedtm.com/ 412 KB
124 KB 154ms
18ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 09675ea155d08e959872d1f64ae603c9e0071d502c7ddfe853e0fbabf7e9cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:50 GMT
server: AkamaiNetStorage
etag: "02c3030e25ead8aa3ab4580fc3536a80:1659317990.308043"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 126779
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 stuff-login-sdk.js Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/ 322 KB
87 KB 29ms
23ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 88598
x-esi-enable: 0
last-modified: Wed, 19 May 2021 02:37:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"f73b63b9788f2f623698b107ed61ddba"
vary: Accept-Encoding
x-varnish: 352248230 325443964
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ 5 KB
721 B 39ms
29ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 53ms
45ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
x-varnish: 121135779 103426127
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34328
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 56ms
48ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
x-varnish: 122659965 102329021
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34512
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 64ms
57ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-length: 34928
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:51 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "c0f391724faf1f645baa4e7063639d47"
access-control-max-age: 3000
access-control-allow-methods: GET
x-varnish: 122238383 121819520
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Bold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 35 KB
35 KB 72ms
65ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:45 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "87f1f4039a6a436c46cddb11fab184cd"
x-varnish: 120056490 101570627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 35376
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 promise.c023f864b8f8372dbaa4.js Show response
www.stuff.co.nz/sics-assets/js/ 9 KB
4 KB 84ms
78ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/promise.c023f864b8f8372dbaa4.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 6e29947674d4ba75d5417e6ad8b7d8f30cc56310394c1e5d4de713b827c31f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:04:02 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"347ec38f6b02fa33ea79363c64b5bc54"
vary: Accept-Encoding
x-varnish: 142987377 141808218
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 3306
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 stuff-plugins.min.js Show response
www.stuff.co.nz/static/scripts/stuff-plugins/ 6 KB
3 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/scripts/stuff-plugins/stuff-plugins.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 15f0e8785ed86a7e2f77ee7f29dcb9c6dde7dd976e04de99c9d9e4cde7672aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 2408
x-esi-enable: 0
last-modified: Tue, 13 Oct 2020 00:46:27 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"e40968ccc329fa7fbc798f38e6627b5c"
vary: Accept-Encoding
x-varnish: 676936342
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2

200

web-sdk.core.legacy.min.js Show response
sdk.apester.com/
Redirect Chain

https://static.apester.com/js/sdk/latest/apester-sdk.js
https://sdk.apester.com/web-sdk.core.legacy.min.js

177 KB
65 KB

76ms
8ms

Script
application/javascript

151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.apester.com/web-sdk.core.legacy.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 1a0decca0c2168150ddc4982022766c1a3268e18187e083149f4af1643a7ba06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
age: 442
x-cache: HIT
content-length: 66329
x-served-by: cache-hhn4028-HHN
access-control-allow-origin: *
last-modified: Sun, 04 Sep 2022 08:02:35 GMT
server: nginx/1.20.2
x-timer: S1662578277.486575,VS0,VE0
etag: W/"63145b9b-2c3c7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
via: 1.1 google, 1.1 varnish
cache-control: public,s-maxage=900,max-age=900
accept-ranges: bytes
x-cache-hits: 1861

Redirect headers

date: Wed, 07 Sep 2022 19:11:01 GMT
via: 1.1 google
server: nginx/1.23.1
age: 416
vary: Accept-Encoding
content-type: text/html
location: https://sdk.apester.com/web-sdk.core.legacy.min.js
cache-control: public,s-maxage=942,max-age=942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169

GET
H2 200 style.2a242b74b689207.css
www.stuff.co.nz/sics-assets/css/ 143 KB
34 KB 84ms
79ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/css/style.2a242b74b689207.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 788428389780b0f3802dcb3ad86176ba22aefec9a6d7f255794755c34d2ec264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 00:39:18 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"0aa922f60435207e42f4119e7081de0d"
vary: Accept-Encoding
x-varnish: 163590577 163169701
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: text/css
content-length: 34148
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 7a4b3a79 Show response
www.stuff.co.nz/akam/13/ 26 KB
9 KB 22ms
21ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/akam/13/7a4b3a79
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95bf75ac12ac6742c514e6a5badee856d1b9a6e09beed2d4d1f5f52e743cb7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:12:35 GMT
etag: "ddd387468c9903f3f2eb05cd27ea019f78b1225ab37b1d78a69520afdc602ddb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8772
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H2 200 stuff-header-bidding.js Show response
www.stuff.co.nz/static/stuff-header-bidding/latest/ 12 KB
4 KB 22ms
20ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-header-bidding/latest/stuff-header-bidding.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 96a1951bf490b344d6776ce3b6539bb632d3019017541d876eb3f50af85444f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 3504
x-esi-enable: 0
last-modified: Wed, 27 Jul 2022 00:23:44 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"d0089b3b397dc49b94b80ea407656be3"
vary: Accept-Encoding
x-varnish: 75795399
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 react.281b479c7448010394ee.js Show response
www.stuff.co.nz/sics-assets/js/ 13 KB
5 KB 105ms
101ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/react.281b479c7448010394ee.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 0a325decfde845ca807eb95bb738b93e3a39bc9dc5dbbe30006a46d0aaa11985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 01:35:57 GMT
server: S3
x-esi-enable: 0
x-cache-origin: MISS:Varnish
etag: W/"9401ab3307dd8b043f04e03ebe42f0dd"
vary: Accept-Encoding
x-varnish: 294415351
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 5109
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 react-dom.8b8c4fd6928848fd149d.js Show response
www.stuff.co.nz/sics-assets/js/ 116 KB
37 KB 107ms
104ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 075a8ac615514bdfb50ff549c364975167a846d282b3bee916152fee7cdc7a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 01:35:57 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"1acd604c01eff97360cd1c1468f8ce8e"
vary: Accept-Encoding
x-varnish: 394596989 289737247
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 37668
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 bundle.1fc241e7bbcb67a90e8b.js Show response
www.stuff.co.nz/sics-assets/js/ 1 MB
335 KB 113ms
111ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: e8cd27492a8b97fa4c07c1210f85eb04a9a256d00733dec84de8d6bad6548b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 00:39:20 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"b89db241bf0885e11b8853e5cf039af5"
vary: Accept-Encoding
x-varnish: 164977040 163758390
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 342412
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 jquery.26d46e64ce99f8c2b31d.js Show response
www.stuff.co.nz/sics-assets/js/ 89 KB
32 KB 121ms
119ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/jquery.26d46e64ce99f8c2b31d.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 292288f03d122da15bcd8cbd10868a0a047cf22e83e0f83c231f48bf23fcb860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 19:32:17 GMT
server: S3
x-esi-enable: 0
x-cache-origin: MISS:Varnish
etag: W/"4f4d5fcdc89b56a0d720a7f3c6baf992"
vary: Accept-Encoding
x-varnish: 3960091
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 31937
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 stuff-adfliction.js Show response
www.stuff.co.nz/static/stuff-adfliction/latest/ 26 KB
7 KB 30ms
27ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: d3871e2070a243288259b54f34b530e09ad7005f4aa0938cc8fb3dc6cc096b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 7381
x-esi-enable: 0
last-modified: Wed, 08 Dec 2021 23:32:14 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"4e879fbb43d36013d6258cc8cb948ac4"
vary: Accept-Encoding
x-varnish: 203426487
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 207 KB
72 KB 110ms
10ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2a790de20153d921b7be7123dd4668d130fea09fe94d6ce267b499d3e75f7a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 11:46:38 GMT
etag: "15-2Tu0AR0vrUSM11l0sCFIoPYJlf8"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: bd12522864b48ef8d09cb22aa0641800
timing-allow-origin: *, *
content-length: 72871

GET
H2 403 ovu_rec.js
videos.oovvuu.com/stuf/v1/ 0
0 642ms
580ms Script
application/xml 2600:9000:225e:d600:1a:9e13:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.oovvuu.com/stuf/v1/ovu_rec.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d600:1a:9e13:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 banner Show response
dashboard.presspatron.com/dev/ 11 KB
12 KB 44ms
9ms Script
text/javascript 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/dev/banner?b=TJu26zZFBKa635NQ13AZRn8S

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-36.fra2.r.cloudfront.net

Software

Resource Hash

1786bfb5bc61c63a26e18ac30db3db9cdf3c87ae30f40ea907fe040ac2a99b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:24:49 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 60788
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 7d3b4f5e-a5cb-473e-8801-29f844018cb3
x-runtime: 0.014194
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 May 2022 23:01:51 GMT
x-frame-options: SAMEORIGIN
etag: W/"39064efd2a3b667f7f5202d39b3a8ce2"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2D59ugzd2TrBqcwM8ZXhdte_t94QnG1pJPR6o7hHZF9IZhGYi-iNXg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9c63a228fc6b580d0376d0a3f6a2ac838d87d4c4f8731f1835658c7c3d65199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28535
x-xss-protection: 0
server: sffe
etag: "1327 / 262 of 1000 / last-modified: 1662547195"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 162ms
36ms XHR
application/json 3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F5D11253512D2B170A490D45%40AdobeOrg&d_nsid=0&ts=1662578277394

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d37c2f26552e7427f9f86fc6dcf05276f0dbd7a746a6fb42584ac88193056cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v039-0ea8217bc.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 89Xc0rQbQuE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.stuff.co.nz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 749
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX25d20b7db7d9432e9825e136cd776302-libraryCode_source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 60 KB
21 KB 22ms
20ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/EX25d20b7db7d9432e9825e136cd776302-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99a42e69ccec698d9be89d17d7cb3efa693436bd3422b9a038919a8a878128d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 21382
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 957
date: Wed, 07 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 21:02:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
stuffnz-sydney.gscontxt.net/main/ 224 B
302 B 1540ms
259ms Script
application/javascript 152.67.105.100
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://stuffnz-sydney.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 152.67.105.100 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: cf38d19d37a13789e99300f5fa0110a86c4d9b3ec76d30a5a731ba72314b45b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

GET
H2 200 app.js Show response
cdn.kdaimo.com/stuff-198652/ 9 KB
4 KB 111ms
11ms Script
application/javascript 13.225.78.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kdaimo.com/stuff-198652/app.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fbf6dbda27863e94305c9a5b26d276bfbb627f7a34a4b0de1e3ee6a6d15fdeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: vaj8jMvZHN7ypgWwU.4jGcJdlZCqtZzK
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 08:19:00 GMT
server: AmazonS3
age: 56464
etag: W/"a1586f9b91059477f2143b249f820258"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
date: Wed, 07 Sep 2022 03:36:54 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: C3LJOb4nNERAcgEgriMfCjsLWm15jSrkQLiFu53mlUTJdbOpx-qtBg==

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 58ms
20ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5844
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AQNEE3AC9H8TW77F
x-amz-id-2: VpUUXqbmL/xpA5Vtm4W+3ivO1YOUEZ2vtR2RHPP57p8m5L90v/PkL8ddYn/Wp5Gwu5zTNf6W5CQ=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sX6fWKwmArnpb4gjRPtG6dEIRMa9sqAkboq6Zr8ISHbnJmUttGIvnurQ0w8x6wx%2FRedcgRrmGDf%2Bd%2BJir6CTQH80N%2BAs2EXdkGaC%2B7kCNN46uHhEQzHhUAP9Wbej0hbYGCJx%2FI9Fpo7EQmGWfFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 7471c99a2f348ffe-FRA

GET
H2 200 stuff.js Show response
cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/ 6 KB
3 KB 59ms
22ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/stuff.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fcb4ddd51c77676d524222345c107a2832c4b8a35c45941071ea19f2861135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 19:02:46 GMT
server: cloudflare
age: 911
cf-polished: origSize=5844
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFGQYPPxGTKki1nCkP4iZ8GrrPW62ARk2XPiY%2FOCuzJkeNsRwk95u6kKpepTRVzfTXAY5WWQleIQn7dvTnVeHRfUw6MDOT8ZS%2FLY5oS8dMbY4ZI4A6C87JQHmB49Gt0mYUgXUmmCd4pnhYiJ3zd01wRs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7471c99a1a189238-FRA
cf-bgj: minify

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 59ms
8ms Script
application/x-javascript 2a02:26f0:3500:e::1732:834e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:e::1732:834e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
Date: Wed, 07 Sep 2022 19:17:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: AkamaiNetStorage
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 STUFFSANSWEB-Light.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 32 KB
32 KB 18ms
18ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Light.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 6becd77411e34f8dcd313296ae9e181664a3b3cc0a044b38e1534dea05336087

Request headers

Referer: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:54 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "81f24298f33f81f2bfe8a812634cc2dd"
x-varnish: 160734710 90555007
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 32732
expires: Thu, 07 Sep 2023 19:17:57 GMT

POST
H2 200 / Show response
o68184.ingest.sentry.io/api/150508/envelope/ 2 B
277 B 68ms
10ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o68184.ingest.sentry.io/api/150508/envelope/?sentry_key=f9b3dddbd86e4cf191a09137f4ce9efa&sentry_version=7

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.stuff.co.nz
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82411ccd8cd8814825970283d58f132cc2baa464062aa0e5fae2132ab9aee2ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 STUFFSANSWEB-Italic.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 36 KB
36 KB 15ms
15ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Italic.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: e66cccb6fd64ae7c7e428900129c22644e340286024b3e0bcce8b94432745e7b

Request headers

Referer: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:44 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "e1b8b712f979ad8fc5b4d240e93e87b7"
x-varnish: 105565737 75227291
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 36496
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:300,700

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e7888ff0f09652a80767bad958aaec1cde6d63b3fc958d9cb7d2467bb867ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 19:17:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H2 200 standardbyline.css
interactives.stuff.co.nz/2022/rebrand/ 1 KB
722 B 76ms
26ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://interactives.stuff.co.nz/2022/rebrand/standardbyline.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 278146e898fab9a0e0a48a19c65a730c2b94a5492a03a621eef220e26712700b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 21:28:46 GMT
server: AmazonS3
etag: "62e093a3d53613c68306693462f74234"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
content-length: 524
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 top-pullar-7df13930.jpg
static3.stuff.co.nz/ 91 KB
92 KB 199ms
42ms Image
image/jpeg 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.stuff.co.nz/top-pullar-7df13930.jpg
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d6cb4bcf91fb483d6f958f9aec072249aa112f73fca03695a61e8cc98bd8246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
last-modified: Sun, 22 May 2022 20:18:10 GMT
server: AmazonS3
x-amz-request-id: Q5BMQWEZB3B5XV0Z
etag: "82e1f96adb08c7230bf2c92accc918f4"
x-amz-meta-width: 400
content-type: image/jpeg
cache-control: max-age=30798456
x-amz-meta-height: 400
accept-ranges: bytes
content-length: 93353
x-amz-id-2: z375bzaaEwgRckB8T+ImlcxK8MzBOqVvlV5x++hYvQCE/iz0qwwmSZmywmdMoPW+hZiesGe/mRg=
expires: Wed, 30 Aug 2023 06:25:33 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ 5 KB
721 B 13ms
13ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 desktop Show response
cdn.neighbourly.co.nz/widget/real-estate/177859/ Frame C00D 48 KB
8 KB 137ms
8ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6bdf5eaaf8a9a97d7a6a5937d56a60a84651d5870648f6c8b726afab80962f7d

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-origin: *
access-control-expose-headers: Date, Age
age: 278
cache-control: public, max-age=900
content-encoding: gzip
content-length: 8313
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 19:17:57 GMT
etag: a5bd630a8e6bafd3b161b718f9cc9576
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding,Origin
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 17, 1
x-served-by: cache-akl10332-AKL, cache-hhn4078-HHN
x-timer: S1662578278.747833,VS0,VE1

GET
H2 200 hide-realestate Show response
www.neighbourly.co.nz/stuff/1233/ Frame 479A 15 KB
5 KB 1303ms
1174ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.neighbourly.co.nz/stuff/1233/hide-realestate

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a39b3e49ca948628755df1e1567befb736cedf12f9b5dea0e37adb39c340ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: private, max-age=1800
content-encoding: gzip
content-length: 4943
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 19:17:58 GMT
strict-transport-security: max-age=31557600
vary: Accept-Encoding,Origin
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0
x-served-by: cache-akl10325-AKL, cache-hhn4060-HHN

GET
H2 200 showcaseplus Show response
widgets.neighbourly.co.nz/ Frame 848F 80 KB
14 KB 552ms
406ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/showcaseplus

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab7cbf9f06f3e2bb6290feac03f122c13e6010ff792124213de423578537f333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 19:17:58 GMT
etag: "13f89-jt/5RafHMINwD+I4TbQuqel/OAU"
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0
x-served-by: cache-akl10326-AKL, cache-hhn4043-HHN

GET
H2 200 5d3a9af323eec6001bb9564a Show response
www.playwidget.stuff.co.nz/hshelf/ Frame 1629 12 KB
13 KB 57ms
13ms Document
text/html 13.224.189.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-3.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 8b341f84503e48233a0557f70061a7f4cc90d468cf147d75cc82cc1398bb6bc0

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1329
content-length: 12555
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 19:17:57 GMT
etag: W/"310b-bbUA5AcY4O4f9rVE7HO9WVMNVK0"
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-id: bAl-6ZpYxKBqeAC_PQMy1RQ1n7-AntgbMjZUTsPj0uAiQdo4YnXntQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 openid-configuration Show response
my.stuff.co.nz/.well-known/ 3 KB
2 KB 71ms
15ms XHR
application/json 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stuff.co.nz/.well-known/openid-configuration

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aabf2045079740c4cd6d94f34fbf93ba309ba700153beff2afa134c032fc5e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY, DENY
content-language: en-NZ
access-control-allow-origin: *
cache-control: must-revalidate, max-age=7200
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
content-length: 835
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 21:17:57 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
36 KB 45ms
9ms Script
application/x-javascript 13.224.189.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 01:32:30 GMT
content-encoding: br
age: 63928
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA2-C1
content-type: application/x-javascript
x-amz-cf-id: Jf8fmJqmy4Q2crQVuNYepv-dFh-YBh-LOtgMEd6FoP8TaqwF4YMOJQ==

GET
H2 200 PEC098A72-33DD-408F-96BF-B1E81199868C.js Show response
cdn-gl.imrworldwide.com/conf/ 28 KB
7 KB 94ms
14ms Script
application/javascript 2600:9000:206e:a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PEC098A72-33DD-408F-96BF-B1E81199868C.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5c24b4ea797b4578b5e62a0b549058f81130f4c360afc4b113d013053df318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: YyD3KQYXQLtODWmWtUvfXCmZ6TQGkS7i
content-encoding: gzip
etag: W/"b5f202e92de2a59d308bd4774e7eb736"
last-modified: Wed, 07 Sep 2022 11:19:26 GMT
server: AmazonS3
age: 3238
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 07 Sep 2022 19:05:26 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: c0etqEfRY_eChg2MnPU4yNEhXIphqmisErYOtxNac-5BQigUa6aZlA==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

17ms
16ms

Script
application/javascript

2600:9000:206e:a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2600:9000:206e:a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
etag: W/"3bad78b036ef952c6ace672b2251b459"
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
age: 74601
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 06 Sep 2022 22:34:37 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: r0nKP7G3JioTINs9UZuPPZlil7CFGKZNY1rKhL6eeaWisg-wQ1RysA==

Redirect headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: odFMtmU9mCW7SiORQqtkevYKPYviVnEbA6hoYfrGJwIk43mT8RTP3A==

GET
H2 200 load Show response
experience-au.piano.io/xbuilder/experience/ 5 KB
2 KB 71ms
35ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience-au.piano.io/xbuilder/experience/load?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5cada74514ea791cf21ea5c1500de5fc08454e947f0aea484b8e5ef2ce4ea18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 525
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Kc7tuhrsDMb
wn: prod-au-exp-10-1-4-159
last-modified: Wed, 07 Sep 2022 19:09:12 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 7471c99b8d38914d-FRA
expires: Wed, 07 Sep 2022 19:47:57 GMT

GET
H2 200 neighbourly-stuff-widget-init.js Show response
cdn.neighbourly.co.nz/js/ 7 KB
7 KB 109ms
7ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/js/neighbourly-stuff-widget-init.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1d858cbffd70b52bf6b006f81d7616c495d26830775b826d82e5cbe42a66a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 2526565
x-cache: HIT, HIT
content-length: 7140
x-amz-id-2: pFFKCw9qEbfYmk3jRAYN674rQSKD+jSnggk4bsO5JjjOnYoO2GIk+KBpSEAaIgSlbnyZT5W5VDU=
x-served-by: cache-akl10328-AKL, cache-hhn4078-HHN
last-modified: Mon, 11 Apr 2022 07:57:14 GMT
server: AmazonS3
x-timer: S1662578278.747756,VS0,VE0
etag: "45f09beeb97c3038dcda66755ae99d88"
x-amz-request-id: 65W9CCD5CA25X9PH
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 294485, 2

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 66ms
9ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9d73ef96b9d0d9d2e2f4a8c2133eac7bd5fc9e3e0ec952a7d383e44a4b677db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:49:36 GMT
content-encoding: gzip
age: 37701
x-guploader-uploadid: ADPycdtLsDMTeQ4jmwRXnTrzuGyGp3OEU9uDeZsy6U--yAypVDrqqRfnJ698XStW-ah18dS4xpmOI_jwpvGz058W8q6DCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22509
last-modified: Wed, 19 Jan 2022 01:42:06 GMT
server: UploadServer
etag: "1dfd79b4ef7eb5438a7553c1e91a8755"
x-goog-hash: crc32c=FsLJcA==, md5=Hf15tO9+tUOKdVPB6RqHVQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1642556526050451
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22509
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 08 Sep 2022 08:49:36 GMT

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 431ms
98ms Image
image/gif 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=0078c40ea964a99524a9e6feea5ac19649
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:58 GMT
Cache-Control: no-cache
X-TraceId: f9119f6d279a64b1d884efc99b39fb4b
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK dest5.html Show response
fairfax.demdex.net/ Frame D457 7 KB
3 KB 205ms
33ms Document
text/html 34.255.225.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fairfax.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.225.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-225-203.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v039-0a4d71512.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: L1DukIiWRZ4=
content-encoding: gzip
date: Wed, 7 Sep 2022 19:17:57 GMT
last-modified: Tue, 6 Sep 2022 10:41:15 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YxjuZQAAAGQMNwOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=26050201013146273894431301852634562067
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxjuZQAAAGQMNwOV

42 B
942 B

35ms
35ms

Image
image/gif

3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxjuZQAAAGQMNwOV

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-023fa240d.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: z9gWgaVVQJQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxjuZQAAAGQMNwOV
Date: Wed, 07 Sep 2022 19:17:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
fairfaxnz.tt.omtrdc.net/rest/v1/ 352 B
719 B 155ms
42ms XHR
application/json 52.30.241.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fairfaxnz.tt.omtrdc.net/rest/v1/delivery?client=fairfaxnz&sessionId=850e4a99141049b294ae9aa493052025&version=2.3.3
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.241.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-241-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: aacb0ec4ce5142c8209effe5abde453db440f6cae4a9106244d70cdc4484ae2f

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.stuff.co.nz
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 03f73d975af71936c58e1fd8c9313802

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 RC4048bcc2fe11411f8017a6dbfbb87a14-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 708 B
700 B 21ms
20ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC4048bcc2fe11411f8017a6dbfbb87a14-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f150e1bbb75e086a62af5776f3d2a4a4da21e42f7d736904b3daf59f7ab0d8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 434
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2 200 RC547aaccc21c34cc58a30baa19a642b74-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 1 KB
884 B 21ms
20ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC547aaccc21c34cc58a30baa19a642b74-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 71bb74021340ca7d325619d0d0da90651add48bc4c627a4c60219fda7fc40a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 618
expires: Wed, 07 Sep 2022 20:17:57 GMT

GET
H2

200

signin-callback.html Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/ Frame ACC3
Redirect Chain

https://my.stuff.co.nz/authorize?client_id=6380a421-afcd-45b4-b9ab-393d3f105da3&redirect_uri=https%3A%2F%2Fwww.stuff.co.nz%2Fstatic%2Fstuff-login-browser-sdk%2F1.2.3%2Fcallback%2Fsignin-callback.ht...
https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62...

229 B
933 B

49ms
49ms

Document
text/html

2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

S3 /

Resource Hash

33def4d457d490ce89b5e6be3dcf904c25d03a50dd7f7a65237f395d7161b5e4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 229
content-security-policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/
content-type: text/html
date: Wed, 07 Sep 2022 19:17:58 GMT
etag: W/"87597ea852799e4231ddd983159493b6"
expires: Thu, 07 Sep 2023 19:17:58 GMT
server: S3
vary: Accept-Encoding
x-cache-origin: MISS:Varnish
x-esi-enable: 1
x-varnish: 691634614

Redirect headers

content-length: 0
date: Wed, 07 Sep 2022 19:17:58 GMT
location: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792

GET
H2 200 prebid-6.6.0.js Show response
www.stuff.co.nz/static/prebid/ 336 KB
103 KB 17ms
17ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/prebid/prebid-6.6.0.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-header-bidding/latest/stuff-header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 7d0b5690d943eeec5db9b0344f07d4faf581c1f9452790fbab40ad4c11e78b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 105288
x-esi-enable: 0
last-modified: Tue, 11 Jan 2022 19:58:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"ff7b5da47802875cad559005698b70de"
vary: Accept-Encoding
x-varnish: 201647823 183352185
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 client-location.js Show response
www.stuff.co.nz/static/scripts/stuff-plugins/client-location/1.0.1/ 269 B
507 B 31ms
31ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/scripts/stuff-plugins/client-location/1.0.1/client-location.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: b7fb9afe7b176646cc40746bc22781db9ff7db6bfaa0a4578f82bd74d4912456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 1
server: S3
x-cache-origin: HIT:Varnish
etag: W/"91551206f4feb50d8b9c53c097b6d7a6"
vary: Accept-Encoding
x-varnish: 157274870 46777240
access-control-allow-origin: *
cache-control: max-age=7200
content-type: application/javascript
content-length: 269
expires: Wed, 07 Sep 2022 21:17:57 GMT

GET
H2 200 nativform-all.min.js Show response
sdk.ffxpub.com/web/v3/3.1.10/ 75 KB
20 KB 88ms
14ms Script
application/javascript 2600:9000:211a:e400:1e:9232:ebc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ffxpub.com/web/v3/3.1.10/nativform-all.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:1e:9232:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b8b88196f15352c2c5fd6411ae1da28f72cc1ed3cbf26a13eef570d2d9b101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 03:09:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:47:57 GMT
server: AmazonS3
age: 58603
etag: W/"cbed1c09321bb7f2d1357e160b9b33b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 5A9DOQAJskl9V20DJboOEaeNhJ1UvNvjC8TVmiGgjbfCzjPSO6QbyQ==

GET
H2 200 custom_button Show response
dashboard.presspatron.com/websites/153/ Frame F13A 259 B
791 B 11ms
11ms Document
text/html 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/websites/153/custom_button

Requested by

Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/dev/banner?b=TJu26zZFBKa635NQ13AZRn8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-36.fra2.r.cloudfront.net

Software

Resource Hash

01a02851049854d2d7e2ce81446cabdd55afe68b68bdd7ee09be35bc3dc504ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59895
cache-control: max-age=86400, public
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 02:39:42 GMT
etag: W/"01a02851049854d2d7e2ce81446cabdd"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-id: OUb1BBeAO54NwXYs_EozH6s2kFqjSQYeQdkG9g_LJCrTSNEszbA6kw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 42a9f0e5-afe8-4935-8013-7b2aff75fbd9
x-runtime: 0.002391
x-xss-protection: 1; mode=block

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 42 KB
14 KB 17ms
17ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0cf2cb43-ab90-48b9-94fa-f5bf6ebdd0ed&toploc=www.stuff.co.nz
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/stuff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6200739690705845c8c84e0c50795221872b62623a68106f19d9793d6a434636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 18:30:54 GMT
server: cloudflare
age: 2823
cf-polished: origSize=44111
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mddYUsa%2FE9gcuoeBuJsmzsv7ezCTf5490EOnR8cECFqs%2B2YU37Rw%2BhKNKN%2BYWfBhjxUmCQxDb2lYgZysZNBBh2bQBYiNIiIauIj3TtAmTEuEa2IfEWAn9ZUIaSUXnSzlS3Cx9zI0sY8ef8owZlw%2BU1dn"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7471c99c2d719238-FRA
cf-bgj: minify

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 15ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2125510744&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&ul=en-us&de=UTF-8&dt=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online%20%7C%20Stuff.co.nz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1347516982&gjid=879684405&cid=1662743608.1662578278&tid=UA-1056754-1&_gid=823070381.1662578278&_r=1&_slc=1&z=1437312341

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stuff.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 58ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069397

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 11:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Sep 2023 11:32:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 177 B
756 B 94ms
44ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stuff.co.nz

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d6af78e66283ece20bc13c4439f9beea0cac411e9ac90ee81f74ce290bf2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 1629 34 KB
34 KB 17ms
15ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
x-varnish: 121135779 103426127
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34328
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 1629 34 KB
34 KB 27ms
26ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
x-varnish: 122659965 102329021
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34512
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 1629 34 KB
34 KB 74ms
73ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-length: 34928
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:51 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "c0f391724faf1f645baa4e7063639d47"
access-control-max-age: 3000
access-control-allow-methods: GET
x-varnish: 122238383 121819520
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 STUFFSANSWEB-Bold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 1629 35 KB
35 KB 91ms
89ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:45 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "87f1f4039a6a436c46cddb11fab184cd"
x-varnish: 120056490 101570627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 35376
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ Frame 1629 5 KB
721 B 38ms
37ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H2 200 stuff-display.css
www.stuff.co.nz/static/spade/fonts/ Frame 1629 5 KB
690 B 74ms
72ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-display.css
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 05eb6bfc9bfebc9a6013ec355b73ae65f89c8f3ec5a3a5fa1ab2b3d7918bead7

Request headers

Referer: https://www.playwidget.stuff.co.nz/
Origin: https://www.playwidget.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: gzip
content-length: 426
x-esi-enable: 0
last-modified: Sun, 22 May 2022 03:51:01 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"309c114c7883b81db56e93bca58d635b"
vary: Accept-Encoding
x-varnish: 121423293
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Thu, 07 Sep 2023 19:17:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1629 2 KB
539 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:36:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H2 200 style.css
www.playwidget.stuff.co.nz/stylesheets/ Frame 1629 6 KB
7 KB 28ms
27ms Stylesheet
text/css 13.224.189.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.playwidget.stuff.co.nz/stylesheets/style.css
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-3.fra2.r.cloudfront.net
Software: / Express
Resource Hash: b0e51b99843499f82cab291b5c7c4f157e0188aedf1612eff965f2255f3abe28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:58:53 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
etag: W/"191c-1811d8fe0a8"
last-modified: Wed, 01 Jun 2022 04:39:37 GMT
age: 1144
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6428
x-amz-cf-id: s3l_16SxB0aCA-Nyt-cyQuuYFGYItkIaac3xI0829lXGf5xXCNIhkw==

GET
H2 200 app.js Show response
www.playwidget.stuff.co.nz/scripts/ Frame 1629 6 KB
6 KB 32ms
31ms Script
application/javascript 13.224.189.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.playwidget.stuff.co.nz/scripts/app.js
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-3.fra2.r.cloudfront.net
Software: / Express
Resource Hash: c130e14ca73acebdee9a25f94ecf2fbc017f391406fb116c43f7db29aa5b2910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:52:44 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
etag: W/"16a5-1811d8fe0a8"
last-modified: Wed, 01 Jun 2022 04:39:37 GMT
age: 1513
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 5797
x-amz-cf-id: yIRN9ujjqBJBlEHAPlXsS627vGizoY42fGTlD08x1ZBr3m2b2ezrEg==

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/a1558953-68ff-4593-91d1-7f149b498c52/df0a4f3f-ab49-46aa-b781-2d44211c914c/1280x760/match/ Frame 1629 96 KB
97 KB 105ms
16ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/a1558953-68ff-4593-91d1-7f149b498c52/df0a4f3f-ab49-46aa-b781-2d44211c914c/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 0f922bc0a8eced3f3da9e96bbe519d90469e32de911409c932f5e6d72ca4346d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 06:00:40 GMT
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 393437
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: FktpMMkwerdGXhjNYqvQeoBFP1FcGL35GZa4b08FEILsf9c4ccldGw==
Expires: Sun, 03 Sep 2023 06:00:40 GMT

GET
H2 200 play-lavender.svg
www.playwidget.stuff.co.nz/images/ Frame 1629 732 B
1 KB 17ms
17ms Image
image/svg+xml 13.224.189.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.playwidget.stuff.co.nz/images/play-lavender.svg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-3.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 7eb4e050bc2d52c4954259186533768be507cc59263acc79c1deb03117565302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
etag: W/"2dc-1811d8f81b3"
last-modified: Wed, 01 Jun 2022 04:39:13 GMT
age: 1144
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 732
x-amz-cf-id: XgDhhskK3eFhCZefPRTt0dCbD3tlfLQUL9r85TqSFXO2gmVAXXL2rQ==

GET
H2 200 1661831796342.jpg
resources.stuff.co.nz/content/dam/images/2/5/8/k/r/t/image.imgtype.StuffThumbnail.90x60.png/ Frame 1629 3 KB
3 KB 13ms
11ms Image
image/jpeg 151.101.194.227
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.stuff.co.nz/content/dam/images/2/5/8/k/r/t/image.imgtype.StuffThumbnail.90x60.png/1661831796342.jpg

Requested by

Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.227 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

NZCMS /

Resource Hash

d9cc561361c9c860cf70548b20a75126fe0aa1afcd9f4a7b5485abe5cd9e2d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 varnish, 1.1 varnish
age: 746263
x-cache: HIT, HIT
fastly-io-info: ifsz=2713 idim=90x60 ifmt=jpeg ofsz=2713 odim=90x60 ofmt=jpeg
fastly-stats: io=1
content-length: 2713
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10320-AKL, cache-hhn4033-HHN
x-esi-enable: 0
server: NZCMS
x-timer: S1662578278.005256,VS0,VE1
x-cache-origin: MISS:Varnish
etag: "rWnivF3JY8AsjFAM1r09bCFb6Wx6ik8TZDtNBPD0yg8"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
x-cache-hits: 1288, 1

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/453fab7b-d477-41a5-adcc-59df47beda6a/c1c60592-880f-4e74-9015-961754676301/1280x760/match/ Frame 1629 164 KB
165 KB 60ms
15ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/453fab7b-d477-41a5-adcc-59df47beda6a/c1c60592-880f-4e74-9015-961754676301/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 36b5a9aeba72ecb83655012fd06bdc98a08d8e0021a58f80d53abeacc4878078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 14:20:56 GMT
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 968221
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: Y93OuruxTBj5pRI1pDLKiBurBID5kJZJUe9tJjSY1X0eUMjqHfcDdg==
Expires: Sun, 27 Aug 2023 14:20:56 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/jit/6005208634001/18e71a87-a9d9-4d64-aafb-099a9a9aa0ac/main/320x180/14s152ms/match/ Frame 1629 9 KB
10 KB 61ms
16ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/jit/6005208634001/18e71a87-a9d9-4d64-aafb-099a9a9aa0ac/main/320x180/14s152ms/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 2ce55a3b45b4bf5710f45bb3f1ac2c86968d1679693da9eca889229c5301fb79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 23:28:16 GMT
Via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 1712982
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
Content-Length: 9515
X-Amz-Cf-Id: xf2NSNQLxf5l-XMwQjsMf9pau2K1fhNVXAj3oE03ogaz68EwYpmfUA==
Expires: Fri, 18 Aug 2023 23:28:16 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/94797f06-12d9-4823-9e9d-36aa798c228c/ca0b1341-1732-4005-8961-1c628ec0236d/1280x760/match/ Frame 1629 153 KB
154 KB 62ms
17ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/94797f06-12d9-4823-9e9d-36aa798c228c/ca0b1341-1732-4005-8961-1c628ec0236d/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: d20f0f2a17ed821c2d4e8a62e578f8f42516bed16ec06132688b6cad50ef1e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 14:48:57 GMT
Via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 361741
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: ywLEoKPrDSfPURPpC7qW504C2Nx_06Wg6gASaQVwfJ0KkuCpy5O3Uw==
Expires: Sun, 03 Sep 2023 14:48:57 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/b861eb12-cbc3-4118-8287-d82cda610d35/a0585489-8d5f-4fbe-a0c5-b7bc7c63f836/1280x760/match/ Frame 1629 125 KB
125 KB 64ms
19ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/b861eb12-cbc3-4118-8287-d82cda610d35/a0585489-8d5f-4fbe-a0c5-b7bc7c63f836/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: c700c799b3a83b5b2e03b7308d858196965ca0fac8d582a4d3e6dc5006713f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 16:23:57 GMT
Via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 528840
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: Om63bP77pAjPesW5iSiCGHIMSCQG_kjpMV4GawzfuQvVNPjOIef5Dw==
Expires: Fri, 01 Sep 2023 16:23:57 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/40b4f369-f99e-4028-8104-c0382fe0093c/fa9d6f92-d894-4a3d-9a82-96a656a8733d/1280x760/match/ Frame 1629 160 KB
161 KB 69ms
18ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/40b4f369-f99e-4028-8104-c0382fe0093c/fa9d6f92-d894-4a3d-9a82-96a656a8733d/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: c042759fc0297fea812dcb8544ea97727b34f3299c751b6af5ee0bfd8deb245c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 02 Sep 2022 08:02:53 GMT
Via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 472504
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: WAM9U4Cp0mYqnEsr4dpskT0WBiztmz0rS0M1hpvCEz7VFZIZCpDyKw==
Expires: Sat, 02 Sep 2023 08:02:53 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/77f905ba-5c57-42f4-b07a-d3277ed53a05/544627e1-4da4-42d8-928c-9490c6e6745c/1280x760/match/ Frame 1629 109 KB
110 KB 19ms
19ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/77f905ba-5c57-42f4-b07a-d3277ed53a05/544627e1-4da4-42d8-928c-9490c6e6745c/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 6279d0c80c6b38017d258115093b47e9281f1cbdffeb06748dd4d72a4f07ccdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 01:24:31 GMT
Via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 237207
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: 5gyETpDddUcRcM_G_vJdt12CMlr1P-xNoONoYRk-caOuhnSGC5e58g==
Expires: Tue, 05 Sep 2023 01:24:31 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/fbe688e8-a455-4f0c-8b86-33bbea4a6c79/ad49ec28-ab18-4256-a7b7-8ae3b8e29287/1280x760/match/ Frame 1629 70 KB
70 KB 17ms
17ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/fbe688e8-a455-4f0c-8b86-33bbea4a6c79/ad49ec28-ab18-4256-a7b7-8ae3b8e29287/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 4f52d957c339c18d67301a731568bc6912434216fadb25b5fa3f91356b4eff0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 05:39:23 GMT
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 2641115
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: dxVgzekA15CVKY2IEjgByl89F8gsfcNaH5_CSQmgcEysaOzN6Uhmaw==
Expires: Tue, 08 Aug 2023 05:39:23 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/2990691f-3bf8-45da-8050-1e7681c43506/f8be1066-bd2e-4639-b0f4-fb0c70627972/1280x760/match/ Frame 1629 141 KB
142 KB 39ms
39ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/2990691f-3bf8-45da-8050-1e7681c43506/f8be1066-bd2e-4639-b0f4-fb0c70627972/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: a8047ec15f86cdedd9a1125d3c1dac7f057b5982b1933f7c9dc71008b666bf49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:49:05 GMT
Via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 1139333
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: q1P2NPJ6LswulbCbOlkPn0L9t_70yJjUIX2zzTEoWo99pQqb_xQ4DQ==
Expires: Fri, 25 Aug 2023 14:49:05 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/e087da0a-da65-4122-90a0-9fe0727d6f0b/29657ccc-caef-4f35-870a-89554549668e/1280x760/match/ Frame 1629 64 KB
65 KB 14ms
14ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/e087da0a-da65-4122-90a0-9fe0727d6f0b/29657ccc-caef-4f35-870a-89554549668e/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: d49df5c2cf39492c652c52c5ea41d53e3678cd27be6d17ea81246b18c8059650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 06:17:27 GMT
Via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 1515630
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: 5UmujnG3e5MhbUCWBW_zEInkX-bVviET78uAB6jUYXm8_2vM73LpWw==
Expires: Mon, 21 Aug 2023 06:17:27 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/fae71c5e-bbf2-4721-a9ca-ce370d045539/cf17e753-6b0e-470b-b9e3-cd9a99bd0b6f/1280x760/match/ Frame 1629 36 KB
37 KB 14ms
14ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/fae71c5e-bbf2-4721-a9ca-ce370d045539/cf17e753-6b0e-470b-b9e3-cd9a99bd0b6f/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: abda0149fce0ef36e0f5f3bcc12e2d99ed2c60e23975b17992c87c317ac176da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 14:17:56 GMT
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 1573202
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: enc89gEnUixLgol6rslKylyhKxmnOtPHOtLTroHBGQg_TMlChddJQA==
Expires: Sun, 20 Aug 2023 14:17:56 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/815152c2-e6c9-46dc-963e-6c242da51256/1baecb2a-2aa3-4e22-acf6-d144e7983398/1280x760/match/ Frame 1629 70 KB
71 KB 16ms
15ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/815152c2-e6c9-46dc-963e-6c242da51256/1baecb2a-2aa3-4e22-acf6-d144e7983398/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 06d38abd43f12c64d76394d1fbbd2570afbbe4aef6407e025a4437e50f599380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 01:24:31 GMT
Via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 237206
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
Content-Length: 72028
X-Amz-Cf-Id: q4Y7oGKyz8pgpIzCQLCNxq2S3_ufX90OIujrRzunZcu0vzT0EccVOA==
Expires: Tue, 05 Sep 2023 01:24:31 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/23c0fb02-0f1d-400e-a31a-b9d2a4e9d8f3/7c5de0fe-3e77-48e9-97e7-f663aefc8f7f/1280x760/match/ Frame 1629 146 KB
146 KB 18ms
18ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/23c0fb02-0f1d-400e-a31a-b9d2a4e9d8f3/7c5de0fe-3e77-48e9-97e7-f663aefc8f7f/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 9cb0ea81805e7a617e1c5acf9f9e5b82c98b7d0055b91849d26e67ce9dc4195e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 17:22:13 GMT
Via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 2598945
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: 42khqLdR5ARgj_ljCUfvE4Sjhv6mRnd8VqAVNf3CvQX5p98Q4RvgtA==
Expires: Tue, 08 Aug 2023 17:22:13 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/2290ad65-75c4-4799-bf91-9ef0e2a66ecc/4c104201-d7a4-490a-b3d8-d2f0f93fac50/1280x760/match/ Frame 1629 85 KB
85 KB 14ms
14ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/2290ad65-75c4-4799-bf91-9ef0e2a66ecc/4c104201-d7a4-490a-b3d8-d2f0f93fac50/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 450d5b914090c8b5881931b2173959baaebb2ed732b7e558b342cf22c1d4dd21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 06:39:49 GMT
Via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 563889
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: gcsjgeeabbEKN2D0SeVNBvw185KU5DAEDlnC7BXUm3NkhAhcnYwcQQ==
Expires: Fri, 01 Sep 2023 06:39:49 GMT

GET
H/1.1 200
OK image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/08e6d912-a143-4d5a-a6d4-72529c66153f/75b3203d-078f-4cd6-b7d7-a4461f234fbc/1280x760/match/ Frame 1629 630 KB
630 KB 22ms
21ms Image
image/jpeg 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/6005208634001/08e6d912-a143-4d5a-a6d4-72529c66153f/75b3203d-078f-4cd6-b7d7-a4461f234fbc/1280x760/match/image.jpg
Requested by: Host: www.playwidget.stuff.co.nz
URL: https://www.playwidget.stuff.co.nz/hshelf/5d3a9af323eec6001bb9564a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: / BC
Resource Hash: 82075ce2fc5969ce84e3db98a0ad9b29729b787611eac96a08da591c4c23ab62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playwidget.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 06:47:22 GMT
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 45036
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: nIRyPORkE6gjIJqOFN1aK2V3T1qXyrH8KkxYN2saNkjnL7RTbpSoSA==
Expires: Thu, 07 Sep 2023 06:47:22 GMT

GET
H/1.1 200
OK d3d3LnN0dWZmLmNvLm56 Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 105ms
10ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnN0dWZmLmNvLm56
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:57 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=17010
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: c83c70fa1537a651e2e47a6b67add317
Content-Length: 16
Expires: Thu, 08 Sep 2022 00:01:27 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 15ms
8ms Image
image/gif 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 07 Oct 2022 19:17:57 GMT

GET
H2 200 1624943285240.jpg
resources.stuff.co.nz/content/dam/images/4/y/s/u/d/b/image.related.StuffLandscapeSixteenByNine.1240x700.22rvh5.png/ 76 KB
77 KB 1036ms
986ms Image
image/jpeg 151.101.194.227
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.stuff.co.nz/content/dam/images/4/y/s/u/d/b/image.related.StuffLandscapeSixteenByNine.1240x700.22rvh5.png/1624943285240.jpg?format=pjpg&optimize=medium

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.227 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

NZCMS /

Resource Hash

48c6d12327593c8395849eaaa62a016dd10711495824a90ca550a5aafeb06d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 varnish, 1.1 varnish
age: 1694462
x-cache: HIT, MISS
fastly-io-info: ifsz=88543 idim=1240x697 ifmt=jpeg ofsz=78109 odim=1240x697 ofmt=jpeg
fastly-stats: io=1
content-length: 78109
x-served-by: cache-akl10333-AKL, cache-hhn4033-HHN
x-esi-enable: 0
server: NZCMS
x-timer: S1662578278.945056,VS0,VE973
x-cache-origin: MISS:Varnish
etag: "rBz45zysp3fhda/hoacjdluXw7HQr46uKegxV4/QSZs"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
x-cache-hits: 4, 0

OPTIONS
H2 204 event
events.apester.com/ Frame 0
0 388ms
118ms Preflight 35.227.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://events.apester.com/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.201.100 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 100.201.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.stuff.co.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: OPTIONS,OPTIONS
access-control-allow-origin: https://www.stuff.co.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 google

POST
H3 202 event Show response
events.apester.com/ 0
14 B 138ms
119ms XHR
text/plain 35.227.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://events.apester.com/event

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.201.100 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

100.201.227.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
date: Wed, 07 Sep 2022 19:17:58 GMT
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.stuff.co.nz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 re-org-widget-3a9d5c683ba2c0cd1b08c2295ddddb5a0e0a544d.00606d6abf32cf255d527412b66c9021.css
cdn.neighbourly.co.nz/compiled/extract-css/ Frame C00D 11 KB
11 KB 10ms
9ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/extract-css/re-org-widget-3a9d5c683ba2c0cd1b08c2295ddddb5a0e0a544d.00606d6abf32cf255d527412b66c9021.css
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 978eedd92629e322eaec8ecf8fbb4b97ba4647baf8c43ac04c239a16f28a63be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 549017
x-cache: HIT, HIT
content-length: 11419
x-amz-id-2: sEqFsrKFuhl6hgoQeDfpI7EYV4KBsMswLM0ssxbVztdCbkr9gAc/tTVnBpQWEhBqZQY10icg8ZY=
x-served-by: cache-akl10322-AKL, cache-hhn4078-HHN
last-modified: Tue, 08 Jun 2021 00:24:58 GMT
server: AmazonS3
x-timer: S1662578278.904300,VS0,VE1
etag: "00606d6abf32cf255d527412b66c9021"
x-amz-request-id: PNSXH3B8KMNRR6DS
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 8642, 1

GET
H2 200 node-static.d0be975467d21eb64843.js Show response
cdn.neighbourly.co.nz/compiled/ Frame C00D 12 KB
13 KB 10ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/node-static.d0be975467d21eb64843.js
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bafb226ce908c370462ac78ef6f6027e4bcae18d90b9336450d9136faacf36c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 1168735
x-cache: HIT, HIT
content-length: 12473
x-amz-id-2: Ykuwb0Wnont6QiqDDeAGaamvMoZo1QOsNfDz5AEIKFWccdw9sbM9wjoS3TbX/kEzrciez8g/eWs=
x-served-by: cache-akl10333-AKL, cache-hhn4078-HHN
last-modified: Tue, 26 Jul 2022 06:38:59 GMT
server: AmazonS3
x-timer: S1662578278.904240,VS0,VE1
etag: "bba7e3f61fd0d22b21fd0c171057e420"
x-amz-request-id: EPPP01EXA7C1SX9K
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 71524, 1

GET
H2 200 index_realestate_widget-2c6628ff4f85d6cd6286430d2ab3127b4e88f0d5.f14458627a5acbc5b3ab.js Show response
cdn.neighbourly.co.nz/compiled/ Frame C00D 114 KB
114 KB 11ms
11ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/index_realestate_widget-2c6628ff4f85d6cd6286430d2ab3127b4e88f0d5.f14458627a5acbc5b3ab.js
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02821ab0f21de953846c00eac19cfebfa6bfe29b68b8001acdd9b20324d64d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 549463
x-cache: HIT, HIT
content-length: 116676
x-amz-id-2: 6EXism9zbzIHFYlDbJsbdCmGfZ/1pE8UQwUGJIXE6IsP/bnLCEWSBbzzIGkzXciRSxGAAFqtTXk=
x-served-by: cache-akl10320-AKL, cache-hhn4078-HHN
last-modified: Tue, 08 Jun 2021 00:24:58 GMT
server: AmazonS3
x-timer: S1662578278.904192,VS0,VE1
etag: "177caaa5a7abf3eb3767660f872028ab"
x-amz-request-id: 49X5E3CMA7QF360A
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 75587, 1

GET
H2 200 colliers-reaa-logo.png
cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/ Frame C00D 11 KB
12 KB 12ms
10ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/colliers-reaa-logo.png
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee1ea43ab128eb9611605f181b5da8eb385f464aacdda32cf8880fa1b2d7a7af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 549434
x-cache: HIT, HIT
fastly-io-info: ifsz=23068 idim=747x576 ifmt=png ofsz=11668 odim=747x576 ofmt=png
fastly-stats: io=1
content-length: 11668
x-amz-id-2: 9CQR3izIvG9o/U02S7ouOC7UXvgQD6u9Re/RD0nlbiVvH813NlzHgrvhRE2OU3kuDvamCo3MGF0=
x-served-by: cache-akl10328-AKL, cache-hhn4078-HHN
server: AmazonS3
x-timer: S1662578278.956747,VS0,VE4
etag: "uvJq3yuGMx1LLoZH7RI0j0lLK1+H2C54E2l9J7x4DJg"
x-amz-request-id: Q9REJJ61BSXAFG9J
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 42255, 1

GET
H2 200 colliers-left-arrow.png
cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/ Frame C00D 1 KB
1 KB 10ms
8ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/colliers-left-arrow.png
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa04f774796d5490065166dbd585a5598dafe7fa3ddc109d3c6defbbf60a2e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 549479
x-cache: HIT, HIT
fastly-io-info: ifsz=2475 idim=50x117 ifmt=png ofsz=1188 odim=50x117 ofmt=png
fastly-stats: io=1
content-length: 1188
x-amz-id-2: XTQYpESm4YWycVk/3x98A+r+sySG7JCOf9c0P5f0SY8UpX5gVp96eJ1sDEiO9AzbUVB6m8FzxAM=
x-served-by: cache-akl10329-AKL, cache-hhn4078-HHN
server: AmazonS3
x-timer: S1662578278.957188,VS0,VE1
etag: "Qsd8cH2nlffsTyejXvX6/6e0vABxnbBwEDT8KASIJlI"
x-amz-request-id: 8W6M8ZR7YXFKKHF0
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 12508, 1

GET
H2 200 colliers-right-arrow.png
cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/ Frame C00D 1 KB
2 KB 10ms
9ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/bundles/neighbourlystatic/img/colliers-right-arrow.png
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e5dd1c9c8cc79f836cd716163ce0483d5c23acd7ab84ba22f96e41abdc9a3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 456041
x-cache: HIT, HIT
fastly-io-info: ifsz=2520 idim=50x117 ifmt=png ofsz=1350 odim=50x117 ofmt=png
fastly-stats: io=1
content-length: 1350
x-amz-id-2: aYOSJ3mVoBLNwZYhgbBE0zCXV9mBKPf3LbontGvDDLYQ8r7dNRlmIPY55ePOBLYAKhDoJ0EKwBY=
x-served-by: cache-akl10329-AKL, cache-hhn4078-HHN
server: AmazonS3
x-timer: S1662578278.957148,VS0,VE2
etag: "36H76CKB9fzRaNlLfRPYwwYYE1vLJGQa96eotaINU7g"
x-amz-request-id: YAHMFP8HQ68V6793
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 28864, 1

POST
H2 200 s27197602848415 Show response
somniture.stuff.co.nz/b/ss/fairfaxnz-stuffoverall-production/10/JS-2.17.0-LCUM/ 2 KB
2 KB 155ms
53ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://somniture.stuff.co.nz/b/ss/fairfaxnz-stuffoverall-production/10/JS-2.17.0-LCUM/s27197602848415

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

4714f8583a8bb05c3db92d2b3345d56183c7dce460085524d52f2d4b1e029b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: i72dqwVmSJQ=
date: Wed, 07 Sep 2022 19:17:58 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
vary: *
content-length: 1632
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v039-0e7f52837.edge-irl1.demdex.com 12 ms
pragma: no-cache
last-modified: Thu, 08 Sep 2022 19:17:58 GMT
server: jag
etag: 3570359665676976128-4619749687973793781
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.stuff.co.nz
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 06 Sep 2022 19:17:58 GMT

GET
H2 200 tinypass.min.js Show response
code.piano.io/api/ 324 KB
94 KB 42ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.piano.io/api/tinypass.min.js

Requested by

Host: experience-au.piano.io
URL: https://experience-au.piano.io/xbuilder/experience/load?aid=ooaGPZ28pa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fde9277e699de5f4419f378e798a3a4ddbfd429b9b6a466b64d9b2ef8526a55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4560
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: NSZD7VNXQJ32VTGB
x-amz-id-2: WrhpfncEnE40XejqWq+2MAq+n4jvkP+ZOTM7r1cwITSQOyttQePOZzSlUHxYzSMOQQendOmQbHU=
last-modified: Wed, 07 Sep 2022 07:35:20 GMT
server: cloudflare
etag: W/"f2c903915e3b113518e26ede467035b1"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-version-id: 4lbnnZZJ_PFJVTSqGUiQejFbkHmsr40v
cf-ray: 7471c99d294d914d-FRA
expires: Wed, 07 Sep 2022 23:17:57 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 26ms
25ms Script
application/javascript 2600:9000:206e:a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PEC098A72-33DD-408F-96BF-B1E81199868C.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
age: 3120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 18:25:58 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: dNi4VtHM-xFt7dP75gugpwWTK3uK1CvbpnJxzg87oKASt_KeInXIxw==

GET
H2 200 analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js Show response
d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/ Frame F13A 367 B
746 B 72ms
18ms Script
application/javascript 2600:9000:219c:3200:1b:11ff:f600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js
Requested by: Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/websites/153/custom_button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:3200:1b:11ff:f600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86e4cea7590220e8b29905c5a92057f3e98d11f8e225a1e0ca762a1c83e6d8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 85d2219c335742c82e7bf84433bc3256.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 03:48:31 GMT
server: AmazonS3
age: 62107
etag: "d4942a08aa647f1e5c41ee5eb3a2220c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952
date: Wed, 07 Sep 2022 02:02:52 GMT
x-amz-cf-pop: CDG3-C2
content-length: 367
x-amz-cf-id: PqhMIrrYhQKvMJRXKqfqsqDPKB8ZzQM6lrX3yPLksIpmiYpzohIJ9g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C00D 118 KB
46 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZ4N8F

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f95863ce5f0fb4b867484f365a8b78165aad4343252bbe69153638558270dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46796
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C00D 6 KB
683 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/extract-css/re-org-widget-3a9d5c683ba2c0cd1b08c2295ddddb5a0e0a544d.00606d6abf32cf255d527412b66c9021.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:41:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:57 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 474 KB
122 KB 152ms
85ms Script
text/javascript 184.29.193.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX76609S&hst=www.stuff.co.nz&ver=1.2

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-193-239.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

445b7efe0c22c800ae34c9a11a571bd976a69d7491223cd5c76cbffebfe7fc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 07 Sep 2022 19:17:58 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Wed, 07 Sep 2022 19:47:58 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/stuff.co.nz/ 74 KB
26 KB 38ms
8ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/stuff.co.nz/p.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 635a136e36d4a58ca3d882b71061c4764b613fe4361ea61b22dade8abda2c4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Sep 2022 02:36:41 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 18:45:41 GMT
server: nginx
age: 60126
etag: W/"611177d5-126a4"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 37FgIePtEvYjVmRczp1DWg2_iXY3oBKfH0bji5sAH12WiTQlAxzibg==
expires: Thu, 08 Sep 2022 02:35:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1056754-1&cid=1662743608.1662578278&jid=1347516982&gjid=879684405&_gid=823070381.1662578278&_u=IEBAAAAAAAAAAC~&z=1421220960

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 07 Sep 2022 19:17:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.stuff.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 262ms
18ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=0cf2cb43-ab90-48b9-94fa-f5bf6ebdd0ed&toploc=www.stuff.co.nz&rnd=7756612
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0cf2cb43-ab90-48b9-94fa-f5bf6ebdd0ed&toploc=www.stuff.co.nz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:57 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 403 channel Show response
adfeeds.stuff.co.nz/v1/ 243 B
516 B 1423ms
1395ms XHR
application/xml 151.101.66.227
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://adfeeds.stuff.co.nz/v1/channel?v=1&p=desktop&s=/business/null/null/null/null&l=/International&pt=article
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.227 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b2efba04d1c3db1c5a4818628ebc3ebc10e2c9bb8bef10670490db94133eb55

Request headers

Accept: */*
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish
x-timer: S1662578278.038120,VS0,VE1381
x-served-by: cache-hhn4025-HHN
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: MISS
accept-ranges: bytes
fastly-restarts: 1
x-cache-hits: 0

GET
H/1.1 200
OK config-nativform-article-mobileweb-v1.json Show response
adapi.stuff.co.nz/adcontrol/config/ 430 B
989 B 1219ms
300ms XHR
application/json 13.54.9.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adapi.stuff.co.nz/adcontrol/config/config-nativform-article-mobileweb-v1.json
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.54.9.50 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-54-9-50.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3207d12eddcd5a7207fa64a26747eb2bc81a7544d2f871abe2e5424895100966

Request headers

Accept: */*
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:59 GMT
Last-Modified: Sun, 08 Apr 2018 21:48:48 GMT
Server: nginx
ETag: "842844853d50938be214b5c55a4615c5"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=60, public
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 430
Expires: Wed, 07 Sep 2022 19:18:59 GMT

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame 2152 11 KB
4 KB 131ms
131ms Document
text/html 2600:9000:206e:de00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:de00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 19:17:58 GMT
etag: W/"62f143e3-2b27"
last-modified: Mon, 08 Aug 2022 17:12:03 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
x-amz-cf-id: cf_SzKO4USNTIlD2uRNfAL_axXuuiE5vffwIT5GKpk2TbtbIN1mQNA==
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 122ms
97ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1056754-1&cid=1662743608.1662578278&jid=1347516982&_u=IEBAAAAAAAAAAC~&z=1060974271

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 71ms
45ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1056754-1&cid=1662743608.1662578278&jid=1347516982&_u=IEBAAAAAAAAAAC~&z=1060974271

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F13A 49 KB
20 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d867x8xq12ag.cloudfront.net
URL: https://d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 958
date: Wed, 07 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 21:02:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=219333204267003761744
dpm.demdex.net/ Frame D457
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=26050201013146273894431301852634562067
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204267003761744

42 B
948 B

39ms
39ms

Image
image/gif

3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204267003761744

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v045-0349b3582.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3ql+/3JaSMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
server: AAWebServer
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204267003761744
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 1F64 12 KB
4 KB 16ms
15ms Document
text/html 2600:9000:206e:a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3501
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 07 Sep 2022 18:19:38 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-amz-cf-id: _NixcjmVwF7cHPEqTT8c7X4N27woNajTAmckQWf20ZPl8FIczOA17A==
x-amz-cf-pop: VIE50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET
H2 200 get.js Show response
buy-au.piano.io/api/v3/anon/captcha/ 153 B
317 B 46ms
30ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=ooaGPZ28pa

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db493ad2312e7ca41e6c7b7ba720ac065a0faf46724ed8e7c8878cc2d2a470d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 86
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: KkjtuhriyXg
pragma
wn: prod-au-dash-10-1-4-44
last-modified: Wed, 07 Sep 2022 19:16:32 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=14400
cf-ray: 7471c99e7bd3914d-FRA
expires: Wed, 07 Sep 2022 23:17:58 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 83ms
20ms Script
application/x-javascript 2a02:26f0:10e:38f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:38f::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Wed, 07 Sep 2022 20:17:58 GMT

POST
H2 200 execute Show response
c2-au.piano.io/xbuilder/experience/ 10 KB
3 KB 311ms
297ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-au.piano.io/xbuilder/experience/execute?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e771b18013e08941e60520f23c44d5ac294c31e35d2f33d908ebf860c021caf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: g1r6v1rhrf
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.stuff.co.nz
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7471c99e7bd4914d-FRA

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 157ms
33ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1662578278144&plid=53249756&idsite=stuff.co.nz&url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22user_type%22%3A%5B%22FlyBys%22%5D%7D&sid=1&surl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sref=&sts=1662578278139&slts=0&title=Ransomware+attack%3A+Waikato+DHB+supporting+patients+after+documents+dumped+online+%7C+Stuff.co.nz&date=Wed+Sep+07+2022+19%3A17%3A58+GMT%2B0000+(GMT)&action=pageview&pvid=97916722&u=pid%3Db032623a0001d3e3c306dbe70c71a4be
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:58 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 07-Sep-2022 19:17:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame C00D 44 KB
44 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.neighbourly.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 174454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 18:50:24 GMT

GET
H2 200 server-datetime Show response
www.neighbourly.co.nz/ Frame C00D 12 B
327 B 308ms
286ms XHR
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.neighbourly.co.nz/server-datetime

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/index_realestate_widget-2c6628ff4f85d6cd6286430d2ab3127b4e88f0d5.f14458627a5acbc5b3ab.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

74ac6df7d20bd573560831e17c5e0e78c3bb86730abea26302281b798eed6c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept: */*
Referer: https://cdn.neighbourly.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 900
x-served-by: cache-akl10329-AKL, cache-hhn4060-HHN
vary: Origin, X-UA-Device
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.neighbourly.co.nz
access-control-expose-headers: Date, Age
cache-control: public, max-age=0, s-maxage=900
access-control-allow-credentials: true
strict-transport-security: max-age=31557600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12
x-cache-hits: 143, 0

GET
H2 200 630fc5c7970173.65270624.jpeg
cdn.neighbourly.co.nz/images/cache/400_low_quality/realestate_listing_images/ Frame C00D 36 KB
37 KB 9ms
8ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/400_low_quality/realestate_listing_images/630fc5c7970173.65270624.jpeg
Requested by: Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4601918ef3053d11dec29938e953c2499c64eb676b3a5689ec9958a8b7e85c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/widget/real-estate/177859/desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 544279
x-cache: HIT, HIT
fastly-io-info: ifsz=37253 idim=400x267 ifmt=jpeg ofsz=37253 odim=400x267 ofmt=jpeg
fastly-stats: io=1
content-length: 37253
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10325-AKL, cache-hhn4078-HHN
expires: Sat, 01 Oct 2022 12:06:38 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578278.199195,VS0,VE1
etag: "xk5PDVcU1ry5bh/9Ga1oVdF/JYOYuN2IirwImPfI0Nw"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 1

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 199ms
144ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&idx=0&rand=24666&key=NANOWDGT01&widgetJSId=AR_15&va=true&et=true&format=html&adblck=false&abwl=false&px=225&py=5337&vpd=4137&cw=782&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000877&sig=SWMRsVxU&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ef3a40ff721375bc61aadec4e405dbac466e1f53bee4ea4f082da82797c8286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1662578278.276775,VS0,VE128
accept-ranges: bytes
x-served-by: cache-lga21966-LGA, cache-vie6335-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: e0cf72492b7b2ed2dbec4af52a9d4123
content-encoding: gzip
content-length: 1133
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C00D 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ4N8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 958
date: Wed, 07 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 21:02:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame D457
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=26050201013146273894431301852634562067
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=26050201013146273894431301852634562067&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
329 B

210ms
17ms

Image
image/gif

2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: Abm0DAawBnr/+ZUIAA
x-accel-expires: @1663052397
date: Wed, 07 Sep 2022 19:17:58 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: hieb5JbPRcA
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 562681
accept-ranges: bytes
x-77-pop: viennaAT
content-length: 43

Redirect headers

date: Wed, 07 Sep 2022 19:17:58 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 848F 4 KB
636 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:36:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:58 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 848F 34 KB
34 KB 26ms
22ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
x-varnish: 121135779 103426127
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34328
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 848F 34 KB
34 KB 37ms
34ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
x-varnish: 122659965 102329021
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34512
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 848F 34 KB
34 KB 44ms
41ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-length: 34928
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:51 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "c0f391724faf1f645baa4e7063639d47"
access-control-max-age: 3000
access-control-allow-methods: GET
x-varnish: 122238383 121819520
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 STUFFSANSWEB-Bold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ Frame 848F 35 KB
35 KB 50ms
47ms Font
binary/octet-stream 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:45 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "87f1f4039a6a436c46cddb11fab184cd"
x-varnish: 120056490 101570627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 35376
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ Frame 848F 5 KB
721 B 17ms
15ms Stylesheet
text/css 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 bc1f35fbabde86a0c260.css
widgets.neighbourly.co.nz/_next/static/css/ Frame 848F 183 KB
25 KB 909ms
906ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/css/bc1f35fbabde86a0c260.css

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b48d5d2471817435647d2a820cd24a2e9a71c676f60a1187de8b683de4d09fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 1457
etag: W/"2da14-1825e48d258"
x-served-by: cache-akl10325-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 25455
x-cache-hits: 1, 0

GET
H2 200 e697c219abd7265706a2.css
widgets.neighbourly.co.nz/_next/static/css/ Frame 848F 60 B
312 B 289ms
287ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/css/e697c219abd7265706a2.css

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57630d8dcf2904d8a5a710ecaba71444fb360177fcd81d06b3a207048c11762f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 8589
etag: W/"3c-1825e48d258"
x-served-by: cache-akl10323-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-length: 60
x-cache-hits: 3, 0

GET
H2 200 4fc0952e4a43e0d3ce83.css
widgets.neighbourly.co.nz/_next/static/css/ Frame 848F 10 KB
2 KB 1116ms
1113ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/css/4fc0952e4a43e0d3ce83.css

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce200572a95b7da0d68c820367fe15c437f32a4516c88217df94f42491660d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 2490
etag: W/"26ea-1825e48d258"
x-served-by: cache-akl10333-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 2391
x-cache-hits: 2, 0

GET
H2 200 main-1e46f55a701e807a2387.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 21 KB
7 KB 844ms
842ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/main-1e46f55a701e807a2387.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8c5e417d2e60b16692d21841cee7949e2b3e92d67f3b5a778bfb859443d3e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 77
etag: W/"52dc-1825e48d258"
x-served-by: cache-akl10329-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 7236
x-cache-hits: 1, 0

GET
H2 200 webpack-e067438c4cf4ef2ef178.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 2 KB
867 B 858ms
856ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/webpack-e067438c4cf4ef2ef178.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 78
etag: W/"603-1825e48d258"
x-served-by: cache-akl10333-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 751
x-cache-hits: 1, 0

GET
H2 200 framework.f7778716ff86b3768de2.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 126 KB
39 KB 354ms
352ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/framework.f7778716ff86b3768de2.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce65e5fd87e0eb1a626b570dd69a587f7bb86bbfc2073c83ba0c318906a1e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 28375
etag: W/"1f8b9-1825e48d258"
x-served-by: cache-akl10325-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 40281
x-cache-hits: 25, 0

GET
H2 200 ee6a4778.bca366718f045dbe8189.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 69 B
160 B 296ms
294ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/ee6a4778.bca366718f045dbe8189.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c3a0d03a71141a5f6bbf5510a2c2f23566d1c9e292be0fe36e36a5fd7ae74eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 134
etag: W/"45-1825e48d258"
x-served-by: cache-akl10320-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-length: 69
x-cache-hits: 1, 0

GET
H2 200 a91cd26738abed5ead091a920c0014f9a8b224c1.d296976b07a31467f383.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 33 KB
11 KB 866ms
864ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/a91cd26738abed5ead091a920c0014f9a8b224c1.d296976b07a31467f383.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f3da7ec54375272fa6b82a19bac4ce6e71b35b8230f4c20fb8a45cee257eaef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 41679
etag: W/"85bb-1825e48d258"
x-served-by: cache-akl10323-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 11112
x-cache-hits: 35, 0

GET
H2 200 _app-f6c2a0d82b8d5955a08b.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/pages/ Frame 848F 7 KB
3 KB 289ms
287ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/pages/_app-f6c2a0d82b8d5955a08b.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02636241723428d07016ceb3b305e0c6bc12d3d81784b6b4ca94048effe785b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 37775
etag: W/"1cb6-1825e48d258"
x-served-by: cache-akl10330-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 2624
x-cache-hits: 42, 0

GET
H2 200 7dad2561f4fa328da920c47c5dddd300d4a08fd9.e906bea07e7da526b77a.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/ Frame 848F 77 KB
20 KB 325ms
324ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/7dad2561f4fa328da920c47c5dddd300d4a08fd9.e906bea07e7da526b77a.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

204eeb9a3f50a847d5706aa073fd14a06ae3d18b776484d4c9e7497a10cbec09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 37775
etag: W/"1328c-1825e48d258"
x-served-by: cache-akl10328-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 20751
x-cache-hits: 43, 0

GET
H2 200 showcaseplus-677f3f2768a2924420e2.js Show response
widgets.neighbourly.co.nz/_next/static/chunks/pages/ Frame 848F 48 KB
17 KB 881ms
880ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/chunks/pages/showcaseplus-677f3f2768a2924420e2.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8ba67ef9e59a515bd68497847556fab804776ada6c43fa481d6e7ea707da284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 47
etag: W/"bf3f-1825e48d258"
x-served-by: cache-akl10323-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 17158
x-cache-hits: 1, 0

GET
H2 200 6318a48593f8e3.33408514.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 810 B
1 KB 81ms
15ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/6318a48593f8e3.33408514.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dd864f24cf286f6c816e0e64f17ff947af13c93f11e68827536c6ce5a187b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:03:27 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 14:02:53 GMT
server: AmazonS3
age: 18872
etag: "d4bbe31390112bff3ced98452f199849"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 810
x-amz-cf-id: Yn5NhfJT09emWCxB2Vate3MeODy-nV0FeY2AqF0QmH3yKyG7j204lg==

GET
H2 200 5c097d0db66ab5.30626734.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 781 B
1 KB 82ms
16ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/5c097d0db66ab5.30626734.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd25a18aec92bdbe8aaf1a01a19030fe5d8d875b3aba6006ff6c66399de314e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:02:27 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Wed, 23 Dec 2020 13:26:14 GMT
server: AmazonS3
age: 18932
etag: "1897803f216752336f4277a6e8348003"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 781
x-amz-cf-id: ycozYHq5PCNqcXmpGUyUHdZO2ebS3doiCcR00Q01qpZ8g84FIRA14g==

GET
H2 200 63038c526f6442.72657574.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 872 B
1 KB 82ms
16ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/63038c526f6442.72657574.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b20e85c43c9b8c1511a6ae8b57abb05433c132654f9475b9e87841980752036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:12:48 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 14:02:02 GMT
server: AmazonS3
age: 925511
etag: "c5e54d7ee2837d4801a39e2a0b3e91cb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 872
x-amz-cf-id: TwlFJwbs0iUPEG_Ipb8f8uSW8-aVidQblqZ3nPQYeWlIIJNtX_VNaQ==

GET
H2 200 614ade46d8ab24.92619791.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 804 B
1 KB 83ms
17ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/614ade46d8ab24.92619791.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9df5c5e47491aed4e935e789ad5f0b1c7ec35c364189086a5338c343fb91ca69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 06:15:37 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 08:49:03 GMT
server: AmazonS3
age: 2034142
etag: "fc6211e54018a4b57ca673b9fe5490fa"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 804
x-amz-cf-id: dDiCGhO2xURx7Sob5WQnsEn6vzkpyl4aHXlRHPt6lv656GKctJNFVw==

GET
H2 200 5afb4c61902d09.40570221.png
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 4 KB
5 KB 83ms
17ms Image
image/png 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/5afb4c61902d09.40570221.png
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00151c64805f06ef194b3ae5f6f9389696941323b1413460805462f527b822d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 01:07:42 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Sep 2019 18:31:08 GMT
server: AmazonS3
age: 670217
etag: "8654aff3b36e920e892bab2eda13e6fe"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 4307
x-amz-cf-id: GbgsPYyCpXbgYf_XRaQxkMGV8wXmYpTxDvWiAPoGpO_koXvoTPAhiA==

GET
H2 200 61023cb8a499d4.22684824.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 922 B
1 KB 82ms
17ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/61023cb8a499d4.22684824.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91885f76e8c3aaf56cb3aed01378157fbb51d4e0eba02091e7a298a82a272850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 04:17:06 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 05:33:02 GMT
server: AmazonS3
age: 54053
etag: "68dc7f19b4123fe5abee7c094885353a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 922
x-amz-cf-id: S35am9d8eg8t-jpG7kYcOjm2_zcazQeru_vUMw2TEUXMgNeQJ8htbA==

GET
H2 200 6318179bb7dfa0.09402769.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 885 B
1 KB 17ms
14ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/6318179bb7dfa0.09402769.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b3d4183b2b59c9e5acb66a10b907cb9205a8cd93d8669d58f02efa93730f0fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 04:01:36 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 04:01:35 GMT
server: AmazonS3
age: 54983
etag: "08d7f82d4cea409564ec28429f27adac"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 885
x-amz-cf-id: hEPI5hpUo_ZvKCIafFsHbbm92Mq-J28hAhsmsmfmQDWjc_dTKF0qqA==

GET
H2 200 6033ab182aae16.45070621.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 866 B
1 KB 15ms
14ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/6033ab182aae16.45070621.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437c1397afa0c07b0e916bbf110c180e5c6a8d3d8b7b4a72023ed28cfcaa931e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 03:52:24 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 03:05:33 GMT
server: AmazonS3
age: 55535
etag: "09e92e3a385af1cde48fd2a8d13d3fab"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 866
x-amz-cf-id: ORe19tZJbKq_hCHwo8vDmRNNn50gCH36uBnsbkgpZjvtxTMVKYGMqQ==

GET
H2 200 6152c4895b6096.55891232.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 726 B
1 KB 16ms
15ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/6152c4895b6096.55891232.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c85c8177b9128cf516265d901e7fb5c09c3f04671e1102115df9ef9be77a899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 23:48:23 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Tue, 28 Sep 2021 07:32:00 GMT
server: AmazonS3
age: 588575
etag: "dbcb8f2b2c7665e291d7bfd32dfe08af"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 726
x-amz-cf-id: Claf1W5170Kg1KYel1tP6F0j2fG7FQAzC4IZUfLgHVn3-7QDnJ7utg==

GET
H2 200 60e3e1313af9c7.62055092.jpeg
cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/ Frame 848F 813 B
1 KB 16ms
15ms Image
image/jpeg 2600:9000:206e:9c00:1d:ff29:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.neighbourly.co.nz/images/cache/email_message_profile_picture/profile/60e3e1313af9c7.62055092.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9c00:1d:ff29:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9d3a47ee8062f27d83f2c6cadbf23a78c099d997756dfec8f17a046f90f6fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:32:26 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jul 2021 04:52:18 GMT
server: AmazonS3
age: 600333
etag: "334edc572ee3b62ad6c9190f24b8c54c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C1
content-length: 813
x-amz-cf-id: Y_6HBszXD-Dj1o1OIKDSDnXHXaPl-5febEBeCEZj7IVg8zM8yMxqow==

GET
H2 200 _buildManifest.js Show response
widgets.neighbourly.co.nz/_next/static/hVJ2H7gRtvEfpkVl_91ch/ Frame 848F 1 KB
616 B 315ms
315ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/hVJ2H7gRtvEfpkVl_91ch/_buildManifest.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

422af571c020d8ca64406d0e2c9170b6a49232825a3703767400d3792709098e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 2500
etag: W/"406-1825e48d258"
x-served-by: cache-akl10326-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 466
x-cache-hits: 1, 0

GET
H2 200 _ssgManifest.js Show response
widgets.neighbourly.co.nz/_next/static/hVJ2H7gRtvEfpkVl_91ch/ Frame 848F 76 B
173 B 309ms
309ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/hVJ2H7gRtvEfpkVl_91ch/_ssgManifest.js

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 30487
etag: W/"4c-1825e48d258"
x-served-by: cache-akl10322-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-length: 76
x-cache-hits: 27, 0

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
219 B 16ms
16ms Image
image/gif 184.29.193.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-193-239.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 19:17:58 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=409941
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Sep 2022 13:10:19 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
342 B 85ms
8ms Image
image/gif 23.205.239.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-239-15.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
Date: Wed, 07 Sep 2022 19:17:58 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=741813
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 16 Sep 2022 09:21:31 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 91 KB
29 KB 23ms
23ms Script
application/x-javascript 2a02:26f0:10e:38f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:38f::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:17:53 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29505
Expires: Wed, 07 Sep 2022 20:17:58 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Franso...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Franso...

44 B
752 B

135ms
135ms

Image
image/gif

2600:9000:206e:de00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-dd6fefae2a929fb629b3b705e4ec8e5d&ja=1
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2600:9000:206e:de00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: KD4g9KYLujBY04cCnzKFSRIArm_vgqi5dW-zpi20Xclen5WIjXlzPQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 0
pragma: no-cache
access-control-allow-origin: *
server: nginx
access-control-allow-methods: POST, OPTIONS
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662578278325&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-dd6fefae2a929fb629b3b705e4ec8e5d&ja=1
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: WBmyhAa3b4Pb_0KOdvEd4olE0RLIkbIlgmiJOO47HQeuWVFKRf0jvg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 pixel_7a4b3a79 Show response
www.stuff.co.nz/akam/13/ 0
599 B 19ms
19ms XHR
text/html 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/akam/13/pixel_7a4b3a79
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-length: 0
content-type: text/html

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D457 0
214 B 53ms
11ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=26050201013146273894431301852634562067&gdpr=0&gdpr_consent=
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 1F64 44 B
720 B 213ms
35ms Image
image/gif 52.16.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PEC098A72-33DD-408F-96BF-B1E81199868C&sessionId=xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278&c16=sdkv,bj.6.0.0&uoo=&fp_id=vyxubrlmiftwgalixglomwszosdho1662578278&fp_cr_tm=1662578278088&fp_acc_tm=1662578278088&fp_emm_tm=1662578278088&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.88.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-88-31.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com/ Frame 1F64 35 B
350 B 77ms
10ms Image
image/gif 2600:9000:21f3:7c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com/
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:19:23 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 61116
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: jakqbMSvceY-HR42V1wq4OKgwXdcmKDdKNivH9SweUU0KMOnLjpGbQ==

GET
H2 200 stuff-login-sdk.js Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/ Frame ACC3 322 KB
87 KB 17ms
17ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=082ff4aecefa433baaef0fd6568c0814&session_state=e92141911ebb511a9d2d1b38c531fc62ef371e6f107a98894f3ff5aa9cf9c963.1422243792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
content-length: 88598
x-esi-enable: 0
last-modified: Wed, 19 May 2021 02:37:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"f73b63b9788f2f623698b107ed61ddba"
vary: Accept-Encoding
x-varnish: 352248230 325443964
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H2 200 session-management Show response
my.stuff.co.nz/ Frame 8077 552 B
2 KB 321ms
320ms Document
text/html 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stuff.co.nz/session-management

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e8f782cb76f95850c56a2bec743171e3ece77af0a3817b315581b53b88e1eaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.facebook.net https://.nr-data.net https://.gigya.com https://.eu1.gigya.com https://.us1.gigya.com https://secure-nz.imrworldwide.com https://.demdex.net https://.newrelic.com https://.googletagservices.com https://.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://.googlesyndication.com https://apis.google.com
X-Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.facebook.net https://.nr-data.net https://.gigya.com https://.eu1.gigya.com https://.us1.gigya.com https://secure-nz.imrworldwide.com https://.demdex.net https://.newrelic.com https://.googletagservices.com https://.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://.googlesyndication.com https://apis.google.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-NZ
content-length: 552
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.nr-data.net https://*.gigya.com https://*.eu1.gigya.com https://*.us1.gigya.com https://secure-nz.imrworldwide.com https://*.demdex.net https://*.newrelic.com https://*.googletagservices.com https://*.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://*.googlesyndication.com https://apis.google.com
content-type: text/html;charset=UTF-8
date: Wed, 07 Sep 2022 19:17:58 GMT
expires: 0
pragma: no-cache
x-content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.nr-data.net https://*.gigya.com https://*.eu1.gigya.com https://*.us1.gigya.com https://secure-nz.imrworldwide.com https://*.demdex.net https://*.newrelic.com https://*.googletagservices.com https://*.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://*.googlesyndication.com https://apis.google.com
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 67ms
15ms Image
image/gif 184.29.193.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=119&dgw=desktop&flg=AAX76609S&fw=NURNBERG&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=stuff.co.nz&vhuyqdph=ssp-serving-5b7b67c586-qzb76&vyu=090709_439_090512_390_ssp&vf=BY&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001662578278304013651816967709&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=118&fhqg=19&hqg=38&gvwduw=19&fvwduw=19&vwduw=19&uhtxuo=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&nzui=
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-193-239.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 19:17:58 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 355ms
89ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4afa3627a39f16e9e1d213f4cdb9d995_5244_1662578278349&tm=566&eT=6&wRV=2000877&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
X-TraceId: ec6f6cbb2cda4469b292ff054262bedb
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 skyLander.js Show response
widgets.outbrain.com/nanoWidget/2000877/module/ 2 KB
2 KB 8ms
8ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000877/module/skyLander.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 66d64ecd956174bddcffdc71bdc1e8370638915731779ae7c8b396b1f5b8cb4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 11:45:32 GMT
server: AkamaiNetStorage
etag: "73281901dde2a7d1e6a60bc7e7c14446:1662563331.680614"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1228
expires: Wed, 07 Sep 2022 23:17:58 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022090719175800055375617600
dpm.demdex.net/ Frame D457
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=26050201013146273894431301852634562067&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090719175800055375617600

42 B
942 B

44ms
36ms

Image
image/gif

3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090719175800055375617600

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0bd1befb8.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OplF7xgwQjU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090719175800055375617600
pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 07 Sep 2022 19:17:58 GMT

POST
H3 200 loadTemplateContext Show response
buy-au.piano.io/api/v3/anon/template/ 585 B
876 B 342ms
327ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/template/loadTemplateContext?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d70428e860e50fbfaac3b88ac8e7a590a71d2f3fc454c959798f177e2bfaf23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: KyltuhrYVce
pragma: no-cache
wn: prod-au-dash-10-1-4-44
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 7471c9a07d55692e-FRA
expires: 0

GET
H3 200 cacheableShow Show response
buy-au.piano.io/checkout/template/ Frame E7CF 14 KB
5 KB 331ms
317ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OT7A8RZIFO4E&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_d69a7ec253276449135a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9e064b938b0b9cbd469cd53860467254dfaa40fb278949ef8213062affc6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: http://dashboard-au.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: EXPIRED
cf-ray: 7471c9a07c7d91d8-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 07 Sep 2022 19:17:58 GMT
expires: Wed, 07 Sep 2022 19:32:58 GMT
last-modified: Wed, 07 Sep 2022 17:29:45 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.002
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-au-dash-10-1-3-153
x-forwarded-https: on
x-request-id: KyltuhrbH5g
x-xss-protection: 0

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 121D 684 B
749 B 21ms
21ms Document
text/html 2a02:26f0:10e:38f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:38f::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Wed, 07 Sep 2022 19:17:58 GMT
Expires: Sat, 17 Sep 2022 19:17:58 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 121D 91 KB
29 KB 25ms
24ms Script
application/x-javascript 2a02:26f0:10e:38f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:38f::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 19:17:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:17:53 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29505
Expires: Wed, 07 Sep 2022 20:17:58 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 121D 47 B
637 B 121ms
18ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 6f279f5faac1c4344835c45369a2a22ecd208b84fb0d8d0e5d0fa014471d9e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
last-modified: Mon, 07 Mar 2022 19:17:58 GMT
server: Jetty(9.4.28.v20200408)
etag: 2c0s063eu2oig21ilxcmotkqjp
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Thu, 07 Sep 2023 19:17:58 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEDeHDS-h_CDV5mRTC2YQkCk&google_cver=1
dpm.demdex.net/ Frame D457
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjYwNTAyMDEwMTMxNDYyNzM4OTQ0MzEzMDE4NTI2MzQ1NjIwNjc=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjYwNTAyMDEwMTMxNDYyNzM4OTQ0MzEzMDE4NTI2MzQ1NjIwNjc=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDeHDS-h_CDV5mRTC2YQkCk&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

42ms
42ms

Image
image/gif

3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDeHDS-h_CDV5mRTC2YQkCk&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-068827ef2.edge-irl1.demdex.com 9 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MJ58rDLgQIU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDeHDS-h_CDV5mRTC2YQkCk&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D457
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=26050201013146273894431301852634562067
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=26050201013146273894431301852634562067

0
338 B

105ms
29ms

Image
text/plain

34.249.4.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=26050201013146273894431301852634562067
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 34.249.4.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-4-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=123 t=1662578279
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=26050201013146273894431301852634562067
date: Wed, 07 Sep 2022 19:17:58 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a021-ash-prod.krxd.net

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 121D 43 B
468 B 57ms
15ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.7.0&typ=pgv&rnd=l7s06hnorjgaydt4&sid=1151019886197577425&loc=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&new=1&arf=0&ltm=1662578278363&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l7s06hxcqlvddidf&ckp=l7s06hnoecnxww97&glb=&cp_userState=anon&cp_ver=2.47&cp_testGroup=41&cst=2c0s063eu2oig21ilxcmotkqjp
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
675 B 63ms
21ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l7s06hnoecnxww97%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222c0s063eu2oig21ilxcmotkqjp%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222c0s063eu2oig21ilxcmotkqjp%22%7D%5D%2C%22siteId%22%3A%221151019886197577425%22%2C%22location%22%3A%22https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

950625f7eccd4526dcedd43bc92375ff041b33aea14c2634f5fb94674f74f9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 crypto-js.min.js Show response
my.stuff.co.nz/js/sessionManagement/ Frame 8077 47 KB
16 KB 21ms
20ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.stuff.co.nz/js/sessionManagement/crypto-js.min.js
Requested by: Host: my.stuff.co.nz
URL: https://my.stuff.co.nz/session-management
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.stuff.co.nz/session-management
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 01:45:58 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=29354859
accept-ranges: bytes
content-length: 16253

GET
H2 200 sessionManagement-1a4f0e5bb1523762a6a2a7c60c9c11cf.js Show response
my.stuff.co.nz/js/sessionManagement/ Frame 8077 3 KB
1 KB 34ms
33ms Script
application/javascript 2a02:26f0:3500:592::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.stuff.co.nz/js/sessionManagement/sessionManagement-1a4f0e5bb1523762a6a2a7c60c9c11cf.js
Requested by: Host: my.stuff.co.nz
URL: https://my.stuff.co.nz/session-management
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::3871 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ecf5cbe631f042bebb2e8bde0b900b2c1aff87a18c56d49979cf16f6cd7b1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.stuff.co.nz/session-management
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 01:45:58 GMT
etag: "1a4f0e5bb1523762a6a2a7c60c9c11cf"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=6368439
accept-ranges: bytes
content-length: 1087

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame D457
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=26050201013146273894431301852634562067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=26050201013146273894431301852634562067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

32ms
32ms

Image
image/gif

3.248.73.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

3.248.73.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-00a2419cb.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: FJ31oRPRTS0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:17:58 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires: 0
cache-control: no-cache
x-server: 10.45.21.84
content-length: 0
x-consent: absent

GET
H3 200 template.bundle.1.0.css
buy-au.piano.io/widget/dist/template/css/ Frame E7CF 27 KB
5 KB 63ms
63ms Stylesheet
text/css 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OT7A8RZIFO4E&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_d69a7ec253276449135a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OT7A8RZIFO4E&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_d69a7ec253276449135a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2847
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-au-dash-10-1-3-156
last-modified: Mon, 05 Sep 2022 03:45:30 GMT
server: cloudflare
etag: W/"27358-1662349530000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=14400
cf-ray: 7471c9a2b97691d8-FRA
expires: Wed, 07 Sep 2022 23:17:58 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E7CF 95 KB
30 KB 47ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 527321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4Bgj25W6D1sjIbqORINSQe5z2D39L7OYaucimdobEZ5ua%2BYaYVwsxgyoxGfvlA9LMgjswXNwAA0Th3G809IJ3hIhibocLQfP%2BnFWAwfIAQXAmh6uWHWJLaWt31E%2BG7P%2BP3FCU0bopIkP7yewPWrNxMK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2ead29b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E7CF 10 KB
4 KB 56ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1290489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3wDilndQxodwK2zGeqjZYuGq%2FvxCbIZaNmvJMtQeaCFip4Cj5Te4vVXdQgAcrE9u1%2FjGAiwC%2FeKJTs5rGE2xrnQbfak37Ngdx8mF8FSvNQjBgCKU%2F%2BW5ufPjTpUEQ0DK%2FMPS5vOPUMBBeZhie6bRWLN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2ead49b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7CF 104 KB
35 KB 51ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 142397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2B7FMAiDGMisYYmniP12eoVN1U0%2F8Ge3gmTrwzzg1IX31nt0XCZhZ%2F8HkNOGzkDZJA8Ax2pWWWEgsLz4kmqhfcj0KpVeMdIONd4h3V5G7Xkyxi08Qp3PvsWpqMP6dLVfeZgwDULCX1w5ByMf5JMrsTE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2ead69b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.2.22/ Frame E7CF 11 KB
12 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:10:17 GMT
x-content-type-options: nosniff
age: 587261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11221
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 00:10:17 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7CF 825 B
828 B 57ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1294273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXWVuUjxic%2BGidKFArt3AL5ZCaKJwPGljzugDbkbUdgL6ufo%2FavbPh8%2Blk%2Bo093ZdcDT0Am2ErsQI0g5zSOqBBDmsrX%2BvZD1yLy5REJ6Zrf4Cjj8J%2Brbk4NZKbEjlLKZvrtM95HMwIldcDeImRdZPsBc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2ead79b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7CF 4 KB
2 KB 48ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1207152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9%2Bttb7yWGSEzEvKeTpkSJLjPkWVsDvwJtz5Tkb4uDOTAuuyimFuUHJyawHyFxgBCLcRKML4Q%2F%2FWQ0ky1Lt%2BeFv6u3KfQDfyfWvh%2BATO3AyIicQvqvKcVnOVx%2BcWghSLviz%2BqPLPEZmr3k9kcYwtdAvX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2eada9b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E7CF 3 KB
1 KB 67ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd5mG%2FwPfetbL%2BE86dxeI6lh7gkyPfHhsKUllXGQN5ARWAXltiUtAal8LKpcbtrDPxpZX3VvjDitduT5BkBHuvNbI0GA4KWOcGNLTrC%2BUeiSDsqB9G5iUduXNbtjOMjpUx79gmik2dNvoDNXZVAi8cxS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2eadb9b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E7CF 23 KB
8 KB 48ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4233804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FauKBAMatsBmXr8Q8QiMaQNhF9C9nhsZswC1x1brWrj4eQ4vvdDvcvcyh3uhnU7nyKnOmElj%2Bd%2B5LS1cuzUfLiSuf6a9w7Dgbh7R9hwRrhrKHwJimug41MRI7nPTLv%2BUqrEKGgDMbqHG9OGOinWfPLvr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2eadd9b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E7CF 2 KB
1 KB 46ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9071168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwrfrrY%2BCQpt4dNBDh956gofh2Sokm5NzPf1mKClcoy51%2Fq6hP1HMMlwf3W1JBGbENm6PtCLUUSTOSBbUx9Osbtv2nUMKwOTNrVeEeYXWyYj4MrN9peqVxBSETAoC%2BvCNVJOXYRuYrD9U3dlgZCdwhn8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2eadc9b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E7CF 20 KB
7 KB 53ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 524656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXT7Cghi4ERK91sUkO8v5Wqpbfe0BVc4wNsKpzjAaTJ14QAfkENRt8o1adEYpSWfJB%2By%2FKcaHwDfQtAJ4DWgYhIC09JPNhqZl9TvqYe5IMYsQ4iyffa6EJXYtesDmr2Uyq6SMGCICwTusVyJVOuz5VgX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7471c9a2fae09b2e-FRA
expires: Mon, 28 Aug 2023 19:17:58 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy-au.piano.io/_sam/ Frame E7CF 114 KB
36 KB 49ms
48ms Script
text/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.265.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3981b1db3de18ae74a074167e1d1bcab1b1762ff521ec6469c9543a690453de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OT7A8RZIFO4E&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_d69a7ec253276449135a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2847
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-au-dash-10-1-3-156
last-modified: Mon, 05 Sep 2022 23:21:56 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.000
cache-control: public, max-age=601953
x-optimized-by: _sam
cf-ray: 7471c9a2c99091d8-FRA
expires: Wed, 14 Sep 2022 18:30:31 GMT

GET
H2 200 stuff-strap-cfed86c3cf61b71485f76e59f1b7fc953fa38d95.0d48461892f597aaf46db8ab4c13a5dd.css
cdn.neighbourly.co.nz/compiled/extract-css/ Frame 479A 69 KB
69 KB 15ms
13ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/extract-css/stuff-strap-cfed86c3cf61b71485f76e59f1b7fc953fa38d95.0d48461892f597aaf46db8ab4c13a5dd.css
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 515d56cc7401c93f254706477fb1651775d2c0ae20add0d7fbb8f0092bbd5095

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 549787
x-cache: HIT, HIT
content-length: 70524
x-amz-id-2: jF8b+cb6/DUQ4fNiRYkRfCOhbLlVvmNKGg6DVajCQzd0bof8J3T9ewni/VcUiTyK0dzr2aNU/QA=
x-served-by: cache-akl10320-AKL, cache-hhn4078-HHN
last-modified: Tue, 08 Jun 2021 00:24:58 GMT
server: AmazonS3
x-timer: S1662578279.944794,VS0,VE1
etag: "0d48461892f597aaf46db8ab4c13a5dd"
x-amz-request-id: 73D1EG69DNYPN6DE
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 13608, 1

GET
H2 200 realestate-widget-e5eb6eb71fdedef7e5460ca05edbe45d21c7db93.64cca90f003aaf519faf7286bc47e746.css
cdn.neighbourly.co.nz/compiled/extract-css/ Frame 479A 13 KB
13 KB 25ms
23ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/extract-css/realestate-widget-e5eb6eb71fdedef7e5460ca05edbe45d21c7db93.64cca90f003aaf519faf7286bc47e746.css
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 702af84ee1025ed93d061b69a948cbb191393867c5643f681bd2291d8c3d6bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 2009202
x-cache: HIT, HIT
content-length: 13453
x-amz-id-2: gdnAwSXJCeNuVW3Vv9QQBY9GmaK22TbO8Nil/Nu3eP5iENrDxqKIpm0T1AIZIr4meWj0tH0dzR0=
x-served-by: cache-akl10327-AKL, cache-hhn4078-HHN
last-modified: Mon, 14 Feb 2022 22:58:19 GMT
server: AmazonS3
x-timer: S1662578279.944761,VS0,VE11
etag: "64cca90f003aaf519faf7286bc47e746"
x-amz-request-id: Y68SQNDA2GN095WH
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 12665, 1

GET
H2 200 node-static.d0be975467d21eb64843.js Show response
cdn.neighbourly.co.nz/compiled/ Frame 479A 12 KB
12 KB 11ms
10ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/node-static.d0be975467d21eb64843.js
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bafb226ce908c370462ac78ef6f6027e4bcae18d90b9336450d9136faacf36c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 1168736
x-cache: HIT, HIT
content-length: 12473
x-amz-id-2: Ykuwb0Wnont6QiqDDeAGaamvMoZo1QOsNfDz5AEIKFWccdw9sbM9wjoS3TbX/kEzrciez8g/eWs=
x-served-by: cache-akl10333-AKL, cache-hhn4078-HHN
last-modified: Tue, 26 Jul 2022 06:38:59 GMT
server: AmazonS3
x-timer: S1662578279.944725,VS0,VE0
etag: "bba7e3f61fd0d22b21fd0c171057e420"
x-amz-request-id: EPPP01EXA7C1SX9K
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 71524, 2

GET
H2 200 index_stuff_widget-432add5598bd44309ff476ccb0c0d82a5896674c.8928f09660f6554899ec.js Show response
cdn.neighbourly.co.nz/compiled/ Frame 479A 131 KB
132 KB 12ms
11ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/compiled/index_stuff_widget-432add5598bd44309ff476ccb0c0d82a5896674c.8928f09660f6554899ec.js
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaf0ba14a993e371dc5ad2b2ea21ef444560320f3f8c7a3b56886adca84b8bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 2002716
x-cache: HIT, HIT
content-length: 134384
x-amz-id-2: b/JrB/ysWH9X58koS5+mB3AoNPXh2vN9uDj7HzJpfKojbm1k8niD+Barqu90f/BZDktQFylUoR8=
x-served-by: cache-akl10335-AKL, cache-hhn4078-HHN
last-modified: Thu, 11 Aug 2022 03:34:50 GMT
server: AmazonS3
x-timer: S1662578279.944691,VS0,VE0
etag: "c918226e6f631cd994408627cffea4a7"
x-amz-request-id: P0AKT5DWNQABMJGR
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 5314, 145

GET
H2 200 631325401dbc72.57324679.jpeg
cdn.neighbourly.co.nz/images/cache/message_image_thumbnail_stuffapp/message_images/ Frame 479A 10 KB
10 KB 11ms
11ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/message_image_thumbnail_stuffapp/message_images/631325401dbc72.57324679.jpeg
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9c674cd064c3e3694a9561fff553c14ea49f9cec31a6257eac9709ec5db7d22b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 379095
x-cache: HIT, HIT
fastly-io-info: ifsz=9968 idim=300x200 ifmt=jpeg ofsz=9968 odim=300x200 ofmt=jpeg
fastly-stats: io=1
content-length: 9968
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10327-AKL, cache-hhn4078-HHN
expires: Mon, 03 Oct 2022 09:59:43 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.087469,VS0,VE0
etag: "52dI1MHgHvTTZQxXm5x+KCf+4ZxokkqisSzeheCQqZ8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 383

GET
H2 200 fairfax_tracking.js Show response
cdn.neighbourly.co.nz/js/ Frame 479A 47 KB
47 KB 14ms
14ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/js/fairfax_tracking.js
Requested by: Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9782175135a2aa782bd506a89b21e2e8572f70a7abc39686e21a42377aaac98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2009204
x-cache: HIT, HIT
content-length: 47907
x-amz-id-2: zRxnE8ZBEMDfvItJYB35Lw5YiddiiSFVVS33UpTDIqGPzBGeiwFDW2hcEA9o5qMBfDgzOg8bZtQ=
x-served-by: cache-akl10322-AKL, cache-hhn4078-HHN
last-modified: Thu, 11 Aug 2022 03:34:54 GMT
server: AmazonS3
x-timer: S1662578279.087507,VS0,VE3
etag: "50ffb651114f27bf225a0e1ed2b965dc"
x-amz-request-id: EKHPJZ2GMMNDXCMK
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3551, 1

GET
H3 200 fail-icon.png
buy-au.piano.io/widget/dist/template/css/img/ Frame E7CF 2 KB
2 KB 29ms
29ms Image
image/png 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy-au.piano.io/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy-au.piano.io
URL: https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 741
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-au-dash-10-1-4-44
last-modified: Mon, 05 Sep 2022 23:21:56 GMT
server: cloudflare
etag: W/"2177-1662420116000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: image/png
server-time: 0.000
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7471c9a3cb5791d8-FRA
expires: Wed, 07 Sep 2022 23:17:59 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
i.piano.io/managedservices/stuff/fonts/ Frame E7CF 34 KB
35 KB 63ms
26ms Font
application/octet-stream 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-SemiBold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 dadbd3993b5303886df72c2fdce172ca.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 2546
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34928
last-modified: Tue, 17 May 2022 09:06:44 GMT
server: cloudflare
etag: "c0f391724faf1f645baa4e7063639d47"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: MAD51-C2
accept-ranges: bytes
cf-ray: 7471c9a3fd539b31-FRA
x-amz-cf-id: V_i_ZzM2PsecQ630W32SjHFtWxOSo_3FWk8ILEEJ5xNNYSkytwF3HQ==
expires: Wed, 07 Sep 2022 23:17:59 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
i.piano.io/managedservices/stuff/fonts/ Frame E7CF 34 KB
34 KB 66ms
29ms Font
application/octet-stream 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 84edc0906da5023aac71c5fb4a35cd88.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 2546
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34328
last-modified: Tue, 17 May 2022 09:06:45 GMT
server: cloudflare
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: MAD51-C2
accept-ranges: bytes
cf-ray: 7471c9a3fd549b31-FRA
x-amz-cf-id: PVf36CUXa77HdD4UWWvhPbZSN23kklV9Df2c0lTUa3wb2ddNi_oQDA==
expires: Wed, 07 Sep 2022 23:17:59 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
i.piano.io/managedservices/stuff/fonts/ Frame E7CF 34 KB
34 KB 70ms
34ms Font
application/octet-stream 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 2546
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34512
last-modified: Tue, 17 May 2022 09:06:45 GMT
server: cloudflare
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 7471c9a3fd569b31-FRA
x-amz-cf-id: kF6OPLb1Ck75pJT3K0-_jAcQiyTvxTq1oyp5DUUKhRybCXuKNHhS2g==
expires: Wed, 07 Sep 2022 23:17:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 479A 4 KB
621 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/extract-css/stuff-strap-cfed86c3cf61b71485f76e59f1b7fc953fa38d95.0d48461892f597aaf46db8ab4c13a5dd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 479A 3 KB
601 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700&display=swap

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/extract-css/stuff-strap-cfed86c3cf61b71485f76e59f1b7fc953fa38d95.0d48461892f597aaf46db8ab4c13a5dd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 19:08:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 479A 2 KB
530 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans&display=swap

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/extract-css/stuff-strap-cfed86c3cf61b71485f76e59f1b7fc953fa38d95.0d48461892f597aaf46db8ab4c13a5dd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

974a6c77c74cfa614911499f6f2b436b1170ab6aea6347317fbe8834c0dcea91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 19:05:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 19:17:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 479A 118 KB
46 KB 40ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZ4N8F

Requested by

Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ade04bcbedf25ab3c61c65688eca995cbb9001828cf63d3b24378e912bf40132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46796
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H/1.1 200
OK event
fairfax.demdex.net/ Frame 479A 42 B
950 B 40ms
40ms Image
image/gif 34.255.225.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fairfax.demdex.net/event?d_sid=2451434

Requested by

Host: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/stuff/1233/hide-realestate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.225.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-225-203.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v039-0714bbbcd.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JFbUP5osT7o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
DATA 200
OK truncated
/ Frame 479A 163 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cecd9adf88bbfb60123792aed2cf479b3e1f312030b257c4be306fbae318cd6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 479A 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 984ad831daf638a6b6e73e85fdcdddc6f8eea97a4121c0b9ccd1065eb95e7e74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 479A 522 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632fef57161e9004fb7e313a6b00c87202bda866706e70505a030e67d9d8a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 479A 15 KB
16 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neighbourly.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 181987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 479A 15 KB
15 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neighbourly.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 173404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:07:55 GMT

GET
H2 200 server-datetime Show response
www.neighbourly.co.nz/ Frame 479A 12 B
153 B 10ms
9ms XHR
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.neighbourly.co.nz/server-datetime

Requested by

Host: cdn.neighbourly.co.nz
URL: https://cdn.neighbourly.co.nz/compiled/index_stuff_widget-432add5598bd44309ff476ccb0c0d82a5896674c.8928f09660f6554899ec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad93b7e5d6d74176e70235ac0da05ef3db454ea85b0a523bce9543bc717b21d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept: */*
Referer: https://www.neighbourly.co.nz/stuff/1233/hide-realestate
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 792
x-served-by: cache-akl10333-AKL, cache-hhn4060-HHN
vary: Origin, X-UA-Device
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=0, s-maxage=900
strict-transport-security: max-age=31557600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12
x-cache-hits: 104, 1

GET
H2 200 4fc0952e4a43e0d3ce83.css Show response
widgets.neighbourly.co.nz/_next/static/css/ Frame 848F 10 KB
2 KB 229ms
228ms Fetch
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.neighbourly.co.nz/_next/static/css/4fc0952e4a43e0d3ce83.css

Requested by

Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/_next/static/chunks/main-1e46f55a701e807a2387.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce200572a95b7da0d68c820367fe15c437f32a4516c88217df94f42491660d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/showcaseplus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 02 Aug 2022 11:20:07 GMT
age: 2490
etag: W/"26ea-1825e48d258"
x-served-by: cache-akl10333-AKL, cache-hhn4043-HHN
vary: Accept-Encoding, X-UA-Device, Cookie, client-geo-postcode, client-geo-country, Cookie, client-geo-postcode, client-geo-country
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31557600
accept-ranges: bytes
content-encoding: gzip
content-length: 2391
x-cache-hits: 2, 1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 479A 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ4N8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 959
date: Wed, 07 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 21:02:00 GMT

GET
H2 200 6318a480e46b14.08809632.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 105 KB
105 KB 14ms
11ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/6318a480e46b14.08809632.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 74eb4ae85b60f0c268fa1fe8ca58becc930e130a1057bc82d5d6cab6d9fbb6ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 18905
x-cache: MISS, HIT
fastly-io-info: ifsz=107244 idim=800x533 ifmt=jpeg ofsz=107244 odim=800x533 ofmt=jpeg
fastly-stats: io=1
content-length: 107244
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10323-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 14:02:53 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.452934,VS0,VE2
etag: "2Zg8EIry3ImNFUWfmg/1HZ9pYs2ExMyY9zWIJSQ0YNQ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0, 1

GET
H2 200 5c6b5a0dcc4fb9.91863295.png
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 2 KB
2 KB 11ms
8ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/5c6b5a0dcc4fb9.91863295.png
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 78d34b8c32708194129f43d3952744a61306c6db3abfc4c1a336323eb99fa51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 629182
x-cache: HIT, HIT
fastly-io-info: ifsz=3280 idim=148x59 ifmt=png ofsz=1915 odim=148x59 ofmt=png
fastly-stats: io=1
content-length: 1915
x-served-by: cache-akl10328-AKL, cache-hhn4078-HHN
expires: Wed, 31 Aug 2022 12:31:35 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.453769,VS0,VE1
etag: "ET7OhttUGs/R4RSNCuWlX5tN5WHPuADIp8IQOra7/Ik"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 23579, 1

GET
H2 200 6318a4614e44f0.23420910.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 111 KB
111 KB 16ms
14ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/6318a4614e44f0.23420910.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ee748954eafbc893449bcb12f5f1d521ece9f361cb13bd40bfe93c49d396408f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 18939
x-cache: HIT, HIT
fastly-io-info: ifsz=113888 idim=800x534 ifmt=jpeg ofsz=113888 odim=800x534 ofmt=jpeg
fastly-stats: io=1
content-length: 113888
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10326-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 14:02:19 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454666,VS0,VE1
etag: "kjHSP/gx1p8C2OfyxAMFg4xxrPjzlLY8jQ9k1Bt49J8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 5c6ba604805ec0.14358269.png
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 2 KB
2 KB 22ms
19ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/5c6ba604805ec0.14358269.png
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 78d34b8c32708194129f43d3952744a61306c6db3abfc4c1a336323eb99fa51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 350296
x-cache: HIT, HIT
fastly-io-info: ifsz=3280 idim=148x59 ifmt=png ofsz=1915 odim=148x59 ofmt=png
fastly-stats: io=1
content-length: 1915
x-served-by: cache-akl10326-AKL, cache-hhn4078-HHN
expires: Sat, 03 Sep 2022 17:59:41 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454636,VS0,VE1
etag: "ET7OhttUGs/R4RSNCuWlX5tN5WHPuADIp8IQOra7/Ik"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 110223, 1

GET
H2 200 6318a446e6fdb5.87791510.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 61 KB
61 KB 19ms
16ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/6318a446e6fdb5.87791510.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 89fc79d987b99dd12b593e541466f9be361332ef2fc7bd5c198f6bb3a92ced5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 18965
x-cache: HIT, HIT
fastly-io-info: ifsz=62419 idim=800x534 ifmt=jpeg ofsz=62419 odim=800x534 ofmt=jpeg
fastly-stats: io=1
content-length: 62419
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10332-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 14:01:53 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454660,VS0,VE1
etag: "5LI7LT8mLWhFqp8W6OrzK6aSXbB1g66YmRhJmlaOSfk"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2, 1

GET
H2 200 63181ed69ee5e8.39315283.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 102 KB
103 KB 11ms
9ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/63181ed69ee5e8.39315283.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f9bb814f7424c0dcd1f3924e9001ddfee426f5734bb070b8e5463e04dca941a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 53127
x-cache: MISS, HIT
fastly-io-info: ifsz=104913 idim=800x600 ifmt=jpeg ofsz=104913 odim=800x600 ofmt=jpeg
fastly-stats: io=1
content-length: 104913
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10322-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 04:32:31 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454603,VS0,VE0
etag: "42RHGl/vQsxSd6DhC++DUogIGMH70I35de/Sm1jmNIw"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0, 3

GET
H2 200 613fe1e7d95d67.23353131.jpeg
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 2 KB
2 KB 22ms
20ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/613fe1e7d95d67.23353131.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 74bb66694812e2f751acb9c919b880f7fc7872afe56af98db37e2df60b1cadd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2002684
x-cache: HIT, HIT
fastly-io-info: ifsz=2131 idim=148x60 ifmt=jpeg ofsz=2131 odim=148x60 ofmt=jpeg
fastly-stats: io=1
content-length: 2131
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10326-AKL, cache-hhn4078-HHN
expires: Wed, 14 Sep 2022 14:59:55 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454560,VS0,VE2
etag: "N5vMuQnFdoh0ESKI4M/LOyymH86bJHQkSym9Mb6eAxQ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 58, 1

GET
H2 200 63181e2358f260.92440976.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 105 KB
105 KB 18ms
16ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/63181e2358f260.92440976.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a24bd9c44cb90f06a11109a0719b5a823c3cba9427a5be6d85c38f5df824e86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 50548
x-cache: HIT, HIT
fastly-io-info: ifsz=107619 idim=800x533 ifmt=jpeg ofsz=107619 odim=800x533 ofmt=jpeg
fastly-stats: io=1
content-length: 107619
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10327-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 05:15:31 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454565,VS0,VE1
etag: "YYJxAxIkp6P9TH7glE5jkRtOfAY6E3a9XLLcFvgIZds"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 1

GET
H2 200 5aa9dd6590a3a2.76198839.jpeg
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 1 KB
2 KB 19ms
17ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/5aa9dd6590a3a2.76198839.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e40fe1015fc6914e48d65ecec07bdc4ac3741183473f51499329ffcdeaa4e8a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2249596
x-cache: HIT, HIT
fastly-io-info: ifsz=1349 idim=60x60 ifmt=jpeg ofsz=1349 odim=60x60 ofmt=jpeg
fastly-stats: io=1
content-length: 1349
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10323-AKL, cache-hhn4078-HHN
expires: Sun, 11 Sep 2022 18:24:43 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454519,VS0,VE1
etag: "Ama6yx6thjV1v5cD0O3jbNda3Nxy0tNc5vs5OEdVm7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 25734, 1

GET
H2 200 63181b2c2df401.94110935.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 91 KB
92 KB 22ms
20ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/63181b2c2df401.94110935.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d12f19f643104ef9335eb68f47dec065bed6d29cfe2e4b07d2284193f2ae64f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 54070
x-cache: HIT, HIT
fastly-io-info: ifsz=93483 idim=800x600 ifmt=jpeg ofsz=93483 odim=800x600 ofmt=jpeg
fastly-stats: io=1
content-length: 93483
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10327-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 04:16:48 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.454493,VS0,VE3
etag: "yxxyhIoDZygL7WG/HMpqfxrD1u4uf8r8quNug6RmWf8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 5, 1

GET
H2 200 630d475290a689.53092094.png
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 1 KB
1 KB 23ms
21ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/630d475290a689.53092094.png
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: eab63a4b60390e5e089933a538b69d19d138d9f464ab3f7e58045edd0fe1c829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 763656
x-cache: HIT, HIT
fastly-io-info: ifsz=3470 idim=148x59 ifmt=png ofsz=1226 odim=148x59 ofmt=png
fastly-stats: io=1
content-length: 1226
x-served-by: cache-akl10328-AKL, cache-hhn4078-HHN
expires: Wed, 28 Sep 2022 23:10:22 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460253,VS0,VE1
etag: "3anr4NkEShClyu0QA9mdgL66QaJqWmaeX3K6Zqwr9Zc"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 18, 1

GET
H2 200 631817943b0e63.40969946.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 67 KB
67 KB 27ms
26ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/631817943b0e63.40969946.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: af302f94b7d8558cc9f4903f6a135f414065b9a43b04c16abd7d5494619e259b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 54984
x-cache: HIT, HIT
fastly-io-info: ifsz=68686 idim=800x534 ifmt=jpeg ofsz=68686 odim=800x534 ofmt=jpeg
fastly-stats: io=1
content-length: 68686
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10322-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 04:01:34 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460224,VS0,VE5
etag: "C8I/LkR/sGz82g159EL/Tyz8L0PTNcA71i8Hg/6YgHM"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 5d94e6bff354e0.49565916.jpeg
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 3 KB
4 KB 25ms
23ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/5d94e6bff354e0.49565916.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4789e2561c1fef79d36ebb44c1d34b2d2df34ce4a589d3a3272bae272294c976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1731663
x-cache: HIT, HIT
fastly-io-info: ifsz=3609 idim=147x60 ifmt=jpeg ofsz=3570 odim=147x60 ofmt=jpeg
fastly-stats: io=1
content-length: 3570
x-served-by: cache-akl10325-AKL, cache-hhn4078-HHN
expires: Sat, 17 Sep 2022 18:16:56 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460202,VS0,VE1
etag: "yhAGy+BOC6Sdn8AJBzgW7NMl3DE8ySkn7aHxzPUTcQI"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 55207, 1

GET
H2 200 631815258764e4.87895065.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 73 KB
74 KB 26ms
24ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/631815258764e4.87895065.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5ee5ed452e846a3a90ad1be1f975d8711e74967f52f9a86b6f23441527b9e7da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 55605
x-cache: HIT, HIT
fastly-io-info: ifsz=75074 idim=800x534 ifmt=jpeg ofsz=75074 odim=800x534 ofmt=jpeg
fastly-stats: io=1
content-length: 75074
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10324-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 03:51:13 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460202,VS0,VE2
etag: "GE74dlrcadcYYBLPEvttESmBYDPAjAFyEeNNSb5lfC8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 1

GET
H2 200 5c6b59c1c57ac5.33877074.png
cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/ Frame 848F 2 KB
2 KB 22ms
21ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/real_estate_office_logo_thumbnail_2x/attachments/5c6b59c1c57ac5.33877074.png
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 78d34b8c32708194129f43d3952744a61306c6db3abfc4c1a336323eb99fa51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1561620
x-cache: HIT, HIT
fastly-io-info: ifsz=3280 idim=148x59 ifmt=png ofsz=1915 odim=148x59 ofmt=png
fastly-stats: io=1
content-length: 1915
x-served-by: cache-akl10330-AKL, cache-hhn4078-HHN
expires: Mon, 19 Sep 2022 17:30:59 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460096,VS0,VE1
etag: "ET7OhttUGs/R4RSNCuWlX5tN5WHPuADIp8IQOra7/Ik"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 13782, 1

GET
H2 200 6318131b5ab4a6.83787381.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 89 KB
90 KB 24ms
23ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/6318131b5ab4a6.83787381.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 358c81db58ad24fd87590c32620523f31f27a00783102e24cb7426abafbd8837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 56135
x-cache: HIT, HIT
fastly-io-info: ifsz=91467 idim=800x600 ifmt=jpeg ofsz=91467 odim=800x600 ofmt=jpeg
fastly-stats: io=1
content-length: 91467
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10332-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 03:42:22 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460082,VS0,VE2
etag: "YJyntCW5oVFKhnVKlXw6CNlLSOFCQy2ulc+DP/cwkbE"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 1

GET
H2 200 63181065117168.21234050.jpeg
cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/ Frame 848F 103 KB
103 KB 23ms
22ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neighbourly.co.nz/images/cache/800_low_quality/realestate_listing_images/63181065117168.21234050.jpeg
Requested by: Host: widgets.neighbourly.co.nz
URL: https://widgets.neighbourly.co.nz/showcaseplus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3f3c351c671ee2a2b786072b483678d04c3597194be505d6260f8ebb50b9845f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.neighbourly.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 56831
x-cache: HIT, HIT
fastly-io-info: ifsz=105460 idim=800x600 ifmt=jpeg ofsz=105460 odim=800x600 ofmt=jpeg
fastly-stats: io=1
content-length: 105460
fastly-io-warning: Failed to shrink image
x-served-by: cache-akl10335-AKL, cache-hhn4078-HHN
expires: Fri, 07 Oct 2022 03:30:48 GMT
server: Apache/2.4.18 (Ubuntu)
x-timer: S1662578279.460044,VS0,VE1
etag: "Irc048e7hX7F6qucnmvBOG2zhNjUTrXmf/LLf8rmnZo"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date, Age
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4, 1

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 848F 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widgets.neighbourly.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 173404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 848F 15 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widgets.neighbourly.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 181987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:44:52 GMT

GET
H2 200 /
re.sajari.com/ 48 B
48 B 245ms
153ms Image
image/gif 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=1652929874842864747&collection=stuff-crawl-dev&cc.co=1652929874842864747&cc.pr=stuff-crawl-dev&p.ga=1662743608&p.id=1662578277945.274859&e.id=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&ec.ti=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online%20%7C%20Stuff.co.nz&ec.de=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&ec.ke=&canonical=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&bodyChecksum=4381678596b6b56c8835794779b6ca79&metaChecksum=520234509326f0d0ee78751602319426&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1.0&meta%5Brobots%5D=noarchive%2C%20max-image-preview%3Alarge&meta%5Bformat-detection%5D=telephone%3Dno&meta%5Bfb%3Aapp_id%5D=207633159308175&meta%5Bverify-v1%5D=RazNiYjuvNuEsMeFXxfR9l9cDZIKxcq2VjQZA25CHgM%3D&meta%5Bmsapplication-config%5D=%2Fsics-assets%2Fimages%2Ffavicons_v2%2Fbrowserconfig.xml&meta%5Btheme-color%5D=%23ffffff&meta%5Bdescription%5D=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&meta%5Bsource%5D=Stuff&meta%5Bog%3Adescription%5D=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&meta%5Bog%3Atitle%5D=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&meta%5Bog%3Atype%5D=article&meta%5Bog%3Aimage%5D=https%3A%2F%2Fresources.stuff.co.nz%2Fcontent%2Fdam%2Fimages%2F4%2Fy%2Fs%2Fu%2Fd%2Fb%2Fimage.related.StuffLandscapeSixteenByNine.1420x800.22rvh5.png%2F1624943285240.jpg&meta%5Bog%3Asite_name%5D=Stuff&meta%5Barticle%3Apublished_time%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bfb%3Apages%5D=21253884267&meta%5Bparsely-type%5D=post&meta%5Bparsely-title%5D=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online&meta%5Bparsely-link%5D=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089&meta%5Bparsely-image-url%5D=https%3A%2F%2Fresources.stuff.co.nz%2Fcontent%2Fdam%2Fimages%2F4%2Fy%2Fs%2Fu%2Fd%2Fb%2Fimage.related.StuffLandscapeSixteenByNine.1420x800.22rvh5.png%2F1624943285240.jpg&meta%5Bparsely-pub-date%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bparsely-author%5D=Tom%20Pullar-Strecker&meta%5Bauthor%5D=Tom%20Pullar-Strecker%2Cauthor&meta%5Bparsely-section%5D=business&meta%5Bparsely-tags%5D=business&meta%5Btags%5D=business%2Ctags&meta%5Bparsely-post-id%5D=125592089&meta%5Barticle%3Asection%5D=business&meta%5Barticle%3Amodified%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bpublished_time%5D=article%3Apublished_time
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cloud-trace-context: 5e5cf241ba0f5e4141870c377e879a75
server: Google Frontend
date: Wed, 07 Sep 2022 19:17:59 GMT
content-length: 48
content-type: image/gif

GET
H2 200 RC71854f6df4ba497abb522790b0bca466-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 696 B
698 B 18ms
18ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC71854f6df4ba497abb522790b0bca466-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c038cfbe139775e4f3cdf178631db05bcb18b02a0ac286fdb72c2bb92b1c98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 432
expires: Wed, 07 Sep 2022 20:17:59 GMT

GET
H2 200 RC6877a9dbda0d45fd923d5d362feb4ec2-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 797 B
670 B 19ms
19ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC6877a9dbda0d45fd923d5d362feb4ec2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2b50c05a7f67bb2af3c6622362567076243096d361625d4b17a3d906b0b6ce0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:17:59 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 404
expires: Wed, 07 Sep 2022 20:17:59 GMT

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame 9E6E 22 KB
9 KB 41ms
41ms Document
text/html 184.29.193.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=263%2C167%2C89%2C310%2C203%2C368%2C206%2C292%2C271%2C241%2C251%2C356%2C272%2C213%2C282%2C209%2C229%2C195%2C267%2C3004%2C159%2C214&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX76609S&hst=www.stuff.co.nz&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-193-239.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

71d0ed9533c02aabf9a8a1188a699f8f6d7eabcf403760b48fdd3abbcafb40ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8654
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 19:17:59 GMT
expires: Fri, 09 Sep 2022 19:17:59 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 9E6E 35 B
329 B 332ms
166ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3055798798173308000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=263%2C167%2C89%2C310%2C203%2C368%2C206%2C292%2C271%2C241%2C251%2C356%2C272%2C213%2C282%2C209%2C229%2C195%2C267%2C3004%2C159%2C214&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 19:17:59 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/651814/ 0
269 B 8ms
7ms Image
text/html 2a02:26f0:3500:e::1732:834e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/651814/b?dE=59&cS=59&cE=90&rqS=90&rsS=629&rsE=640&sS=68&dl=638&di=1175&fp=1168&dlS=1213&dlE=1215&dc=2970&leS=2995&leE=3001&to=&ol=0&cr=8&mt=&mb=&b=131345&u=https%3A//www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.102%20Safari/537.36&pl=Win32&us=&gh=23.36.160.135&t=&rid=541be26b&r=40891&akM=dscx&akN=ae&vc=14:17&bpcip=ag1z150z1b&akTX=1&akTI=541be26b&ai=253011&pmgn=&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:e::1732:834e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 19:17:59 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Wed, 07 Sep 2022 19:17:59 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
596 B 37ms
37ms Image
image/gif 52.16.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910623&ch=nz-910623_c17_business_S&asn=business&fp_id=vyxubrlmiftwgalixglomwszosdho1662578278&fp_cr_tm=1662578278088&fp_acc_tm=1662578278088&fp_emm_tm=1662578278088&ve_id=&sessionId=xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278&prv=1&c6=vc,c17&ca=NA&c13=asid,PEC098A72-33DD-408F-96BF-B1E81199868C&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,isi44yg8zes8r1n72dh2iclkypwuk1662578278&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16625782780837885&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=125592089&c3=st,c&c64=starttm,1662578279&adid=125592089&c58=isLive,false&c59=sesid,&c61=createtm,1662578280&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c66=mediaurl,&sdd=&c62=sendTime,1662578280&rnd=172799
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.88.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-88-31.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:18:00 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 RC70afc43a296841f98c234211f65c972e-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 657 B
665 B 18ms
18ms Script
application/x-javascript 2a02:26f0:ea:489::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC70afc43a296841f98c234211f65c972e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:489::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9de0b5cc458cb6c015879ca5ce1ea100339f5d315307a5b5a95476ba630c2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:18:00 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 400
expires: Wed, 07 Sep 2022 20:18:00 GMT

GET
H2 200 tag Show response
a.teads.tv/page/84334/ 2 KB
1 KB 158ms
41ms Script
application/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84334/tag
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9193654a23422beffa46afe37ae99483653dd827112d3678c889c0c505570eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:18:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 865
expires: Wed, 07 Sep 2022 20:18:00 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 10ms
10ms Script
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/84334/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c055220cad9ab6321c8d430056a88f8ecc1a03e77780aeced9bab04f64285e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 07 Sep 2022 19:18:00 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 15:34:51 GMT
x-amz-request-id: 783266TXPWSS6DYV
etag: "1d45e426c09018bbda4456bde9b2c1ed"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: c
accept-ranges: bytes
content-length: 134196
x-amz-id-2: BMFIdPUKaOi1MnE9TzXpk4SkCxNjS/DMWqmfhV1P2OfV2Am0dbgWPOSF8R5NwmQlX+86YpL7MQU=
expires: Wed, 07 Sep 2022 19:48:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 161ms
41ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=75b659c4-d66f-48ad-9713-a8953af15f92&pageId=84334&pid=117411&debug_metadata=kKccROm1xt&fv=1069&ts=1662578280673&f=1&referer=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:18:00 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 160ms
40ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=75b659c4-d66f-48ad-9713-a8953af15f92&pageId=84334&pid=117411&slot=native&fv=1069&ts=1662578280680&f=1&referer=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:18:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/84334/ 540 B
573 B 68ms
68ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84334/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&page=%7B%22id%22%3A84334%2C%22placements%22%3A%5B%7B%22id%22%3A117411%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A612%2C%22height%22%3A344%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=75b659c4-d66f-48ad-9713-a8953af15f92&formatVersion=1069&env=js-web&netBw=10&ttfb=540
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9eb9cc59a99549fab4b202755c5accf4be528a8cfb4226ed6c56eeff81ca7bc

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 19:18:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 366
expires: Wed, 07 Sep 2022 19:18:00 GMT

POST event-tracking
www.neighbourly.co.nz/ Frame C00D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.neighbourly.co.nz
URL: https://www.neighbourly.co.nz/event-tracking

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stuff.co.nz/business/125592089	1969-12-31 23:59:59	Name: aamffx Value:
.stuff.co.nz/	1969-12-31 23:59:59	Name: at_check Value: true
.stuff.co.nz/	1970-01-20 14:35:14	Name: site-view Value: d
.demdex.net/	1970-01-20 10:08:50	Name: demdex Value: 26050201013146273894431301852634562067
.stuff.co.nz/	1969-12-31 23:59:59	Name: AMCVS_F5D11253512D2B170A490D45%40AdobeOrg Value: 1
.piano.io/	1970-01-20 05:49:40	Name: __cf_bm Value: 0yiVf50htUD3iDixTPhi6m9qQUFlq8rvFA7Uci60NqI-1662578277-0-AbajDaeaN+vEVrnLPlzTLKqvg2AJgZZCPXkTtj+7TA4Wjcgmr8YHfZHWU7x6gWonDNQftrsjDJG9FvJ6IRX3kt0=
.stuff.co.nz/	1970-01-20 15:25:38	Name: _ga Value: GA1.3.1662743608.1662578278
.stuff.co.nz/	1970-01-20 05:51:04	Name: _gid Value: GA1.3.823070381.1662578278
.stuff.co.nz/	1970-01-20 05:49:38	Name: _gat_6fec2d418904450dace4f478760dcc5a Value: 1
.everesttech.net/	1970-01-20 14:35:14	Name: everest_g_v2 Value: g_surferid~YxjuZQAAAGQMNwOV
.stuff.co.nz/	1970-01-20 15:25:38	Name: mbox Value: session#850e4a99141049b294ae9aa493052025#1662580138\|PC#850e4a99141049b294ae9aa493052025.37_0#1725823078
.stuff.co.nz/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.stuff.co.nz/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%252F%252Fwww.stuff.co.nz%252Fbusiness%252F125592089%252Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online%2C21%2C21%2C1200%2C1%2C4
.dpm.demdex.net/	1970-01-20 10:08:50	Name: dpm Value: 26050201013146273894431301852634562067
.stuff.co.nz/	1969-12-31 23:59:59	Name: sjSE Value: 1
.stuff.co.nz/	1970-01-20 15:25:38	Name: AMCV_F5D11253512D2B170A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19243%7CMCMID%7C26250121126185378694410199343315139235%7CMCAAMLH-1663183077%7C6%7CMCAAMB-1663183077%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662585477s%7CNONE%7CMCSYNCSOP%7C411-19250%7CvVersion%7C5.2.0
.stuff.co.nz/	1970-01-20 10:08:50	Name: nol_fpid Value: vyxubrlmiftwgalixglomwszosdho1662578278\|1662578278088\|1662578278088\|1662578278088
.stuff.co.nz/	1970-01-20 15:25:38	Name: _pprv Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.stuff.co.nz/	1970-01-20 15:25:38	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsDsAzgAwBsAFgHYD2ATgFZQQCe6ALgCwgA0IAroRi1C2Sn1y5eAoQGU2ENgOwgINSjxCEEbGBmUBGfQFZ9xfQE4AHJdIX8R-Pg4AmIyAC%2BQA
.stuff.co.nz/	1970-01-20 15:25:38	Name: _pcid Value: %7B%22browserId%22%3A%22l7s06hnoecnxww97%22%7D
.stuff.co.nz/	1970-01-20 05:49:40	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online%22%2C%22sref%22:%22%22%2C%22sts%22:1662578278139%2C%22slts%22:0}
.stuff.co.nz/	1970-01-20 15:19:02	Name: _parsely_visitor Value: {%22id%22:%22pid=b032623a0001d3e3c306dbe70c71a4be%22%2C%22session_count%22:1%2C%22last_session_ts%22:1662578278139}
.stuff.co.nz/	1970-01-20 06:32:50	Name: aamadffx Value: enth%3D9157006
.stuff.co.nz/	1970-01-20 06:32:50	Name: aamffx Value: rt%3Dnanz
.stuff.co.nz/	1970-01-20 06:32:50	Name: aam_did Value: 26050201013146273894431301852634562067
www.stuff.co.nz/	1970-01-20 05:49:38	Name: __adblocker Value: false
.agkn.com/	1970-01-20 14:35:14	Name: ab Value: 0001%3A9H7p2N0WhtltuGrWi9H10aQJJV46qUGK
my.stuff.co.nz/	1969-12-31 23:59:59	Name: SESSION Value: 8c3320e3-dfc7-4028-83cd-708f9d0081b9
www.stuff.co.nz/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1662578278304
.stuff.co.nz/	1970-01-20 05:49:45	Name: ak_bmsc Value: 07A97A5A02C432CEAEB2E7785B7A723A~000000000000000000000000000000~YAAQh6AkF2xZZgODAQAAyT9jGRGfaji0KYUKlAe9DyRIB2rm1HcrTaeIrjUmWIlttociHOd9RGglWvqVug2miRMMVn+yc5zzzxTfs1Az6aa2FV0VZoPjAekq7JhAENa4GC1R/7ZcvjnXnMgvkW3Dq26FDLWAKJYmsxL3bJIRirw7rs6RhDvewoMIbg6uDDF6wqu/KlLjhVEKZGyUmoWIojLTWmCDFeuZOrtMnYmR0FVgvbjUAThivf50BkGfvcmoNrW/ssfd3rrGZrQZVzbR4pbbhEC8nC2WFUpb7rWYBmkGFTAZLTmyvhTsArZGnZsLxfPS/FXQv1Gy+dP26qStaTeJcir2XDBmsBToeWlHG5vz3uIcZt4YcVjiYCyhHD9flZowtGL0GSJKO1SO23Q+nIA/K2Qvc7XG7cO2MyCLItKXoqAtio2DmATTW7ACbh6yrSdQSmGPNxGCf7GkuacunMGeMLG7DVbFsLyVVaAoMbQwRcLKTZbzbzy7QnYiBw==
.stuff.co.nz/	1970-01-20 14:35:14	Name: cX_P Value: l7s06hnoecnxww97
www.stuff.co.nz/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.exelator.com/	1970-01-20 08:42:26	Name: EE Value: "9b9b4d7f6f74b4bf92e0a3ff90ec0381"
.stuff.co.nz/	1970-01-20 15:25:38	Name: __tbc Value: %7Bkpex%7DbZIZ1pVZ9sV7EpbiZqI35EmyFuCtUTv6d9Qmx6hbzPQKHPCgf34Jy3bpTM1RlT5Y
.exelator.com/	1970-01-20 08:42:26	Name: ud Value: "eJxrXxzq6XKLQcEyyTLJJMU8zSzN3CTJJCnN0ijVINE4Lc3SIDXZwNjCcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6IhfXxUUpaQyLSopPBR%252Fs2QQAyucq%252Fw%253D%253D"
.stuff.co.nz/	1970-01-20 06:32:50	Name: __pat Value: 43200000
.stuff.co.nz/	1970-01-20 05:51:04	Name: __pvi Value: %7B%22id%22%3A%22v-l7s06hnx4d3zvo88%22%2C%22domain%22%3A%22.stuff.co.nz%22%2C%22time%22%3A1662578278451%7D
.stuff.co.nz/	1970-01-20 15:25:38	Name: xbc Value: %7Bkpex%7D47XouoXn6msRSoIFUJwK30e3MpsEZQdhFXWh6dJJPUu51lWiPfF2LbtIwVMKjgZBg48JOAhtW2xbrV_u_BUyxGl5yR1CS-i5jdkuTxapz_QMY0vxMOOF5EamNwKOCwn9fhZnQp0DJBhMaxGrLdCkgdPvHQ5I7Yasbn9wTuZAVkT7053XPAcUdtN6uVAYDPZnMvP-dgIH4aX5dI92bXnemw
.stuff.co.nz/	1969-12-31 23:59:59	Name: cX_S Value: l7s06hxcqlvddidf
.imrworldwide.com/	1970-01-20 15:11:14	Name: IMRID Value: c88a4ea1-2ee1-11ed-a6e1-d5aebab5492c
.doubleclick.net/	1970-01-20 15:11:14	Name: IDE Value: AHWqTUnGulRgIw9IstButcI_WRj6XOLs5AtXP0nhKEgpwlAqMQFnWZSBTHNiaqL5voQ
.stuff.co.nz/	1970-01-20 05:49:45	Name: bm_sv Value: C157D1FA88812AF2DFF6E70252F8FA27~YAAQh6AkF21ZZgODAQAANkFjGREhy+K6+14g7J80U9YqBebXKtu+sDmueYBcj6K1OOo4tO+XLpyd4h00015vZRyPBkTPZLcuu1xZgrC+nOH7S9GTgvk8ELr7uuCcdzaqBjrMQbeJ7f628MCj5v/ny/08YMWORevqmOsJg/VCvc2yvvho4PAPaI1eKFv4xwOk/YL3GLIUV8J3EEZPaJZWWwQL2bSYNsdrie8GwYBU40tEn8vdPZpkWGonH9/JOVLDDg==~1
.demdex.net/	1970-01-20 10:08:50	Name: dextp Value: 21-1-1662578278063\|3-1-1662578278229\|481-1-1662578278334\|843-1-1662578278434\|771-1-1662578278539\|66757-1-1662578278642\|121998-1-1662578278743
.cxense.com/	1970-01-20 14:35:14	Name: gckp Value: 3o39s7rky0agk1so73g76ttc95
.stuff.co.nz/	1970-01-20 14:35:14	Name: cX_G Value: cx%3A17dnuzrf80npt2niaqj3a8sguz%3A3eb7mqhg5a6rr
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.krxd.net/	1970-01-20 10:08:50	Name: _kuid_ Value: PELaS9XC
.fairfax.demdex.net/	1970-01-20 10:08:50	Name: fairfax Value: 26050201013146273894431301852634562067
.stuff.co.nz/	1969-12-31 23:59:59	Name: s_tp Value: 5594
.aaxads.com/	1970-01-20 14:35:14	Name: aax-vsid Value: 3055798798173308000V10

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://videos.oovvuu.com/stuf/v1/ovu_rec.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: A preload for 'https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: A preload for 'https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: A preload for 'https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: A preload for 'https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://adfeeds.stuff.co.nz/v1/channel?v=1&p=desktop&s=/business/null/null/null/null&l=/International&pt=article Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: The resource https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: The resource https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: The resource https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://widgets.neighbourly.co.nz/showcaseplus Message: The resource https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aa.agkn.com
adapi.stuff.co.nz
adfeeds.stuff.co.nz
ajax.googleapis.com
amplifypixel.outbrain.com
assets.adobedtm.com
ats.rlcdn.com
beacon.krxd.net
buy-au.piano.io
c.aaxads.com
c2-au.piano.io
c21lg-d.media.net
cdn-gl.imrworldwide.com
cdn.brandmetrics.com
cdn.cxense.com
cdn.kdaimo.com
cdn.neighbourly.co.nz
cdn.parsely.com
cdn.sajari.com
cdn2.neighbourly.co.nz
cdnjs.cloudflare.com
cf-images.ap-southeast-2.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
code.piano.io
collector.brandmetrics.com
comcluster.cxense.com
d867x8xq12ag.cloudfront.net
dashboard.presspatron.com
dpm.demdex.net
ds-aksb-a.akamaihd.net
events.apester.com
experience-au.piano.io
fairfax.demdex.net
fairfaxnz.tt.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
i.piano.io
id.cxense.com
interactives.stuff.co.nz
l3.aaxads.com
load77.exelator.com
loadm.exelator.com
mcdp-nydc1.outbrain.com
my.stuff.co.nz
o68184.ingest.sentry.io
odb.outbrain.com
p1.parsely.com
p1cluster.cxense.com
re.sajari.com
resources.stuff.co.nz
sdk.apester.com
sdk.ffxpub.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
somniture.stuff.co.nz
static.apester.com
static3.stuff.co.nz
stats.g.doubleclick.net
stuffnz-sydney.gscontxt.net
sync.crwdcntrl.net
t.teads.tv
tcheck.outbrainimg.com
token.rubiconproject.com
usermatch.krxd.net
videos.oovvuu.com
widget-pixels.outbrain.com
widgets.neighbourly.co.nz
widgets.outbrain.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.neighbourly.co.nz
www.npttech.com
www.playwidget.stuff.co.nz
www.stuff.co.nz
x.dlx.addthis.com
xas5wvnt8fdfxhrf7wtoa6ehqehnw1662578278.nuid.imrworldwide.com
www.neighbourly.co.nz
104.96.159.57
13.224.189.3
13.224.189.41
13.225.78.36
13.225.78.86
13.225.85.39
13.32.110.125
13.54.9.50
142.250.185.162
147.75.83.64
15.188.95.229
151.101.130.133
151.101.130.217
151.101.194.133
151.101.194.227
151.101.2.133
151.101.66.227
152.67.105.100
184.29.193.239
199.232.18.132
20.50.2.28
23.205.239.15
23.35.228.23
23.35.229.181
23.35.229.56
2600:9000:206e:9c00:1d:ff29:58c0:93a1
2600:9000:206e:a00:2:42d9:3100:93a1
2600:9000:206e:de00:1e:a43d:b640:93a1
2600:9000:211a:e400:1e:9232:ebc0:93a1
2600:9000:219c:3200:1b:11ff:f600:21
2600:9000:21f3:7c00:1d:667e:2a40:93a1
2600:9000:225e:d600:1a:9e13:5280:93a1
2606:4700:20::681a:69b
2606:4700:3032::ac43:bf95
2606:4700::6810:2a41
2606:4700::6810:f015
2606:4700::6811:180e
2a00:1450:4001:802::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2013
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9a
2a02:26f0:10e:38f::268b
2a02:26f0:3500:592::3871
2a02:26f0:3500:e::1732:834e
2a02:26f0:ea:489::1e80
2a02:6ea0:cb00::2
3.248.73.132
34.120.195.249
34.249.4.48
34.255.225.203
35.190.50.98
35.190.72.53
35.227.201.100
52.16.88.31
52.17.214.109
52.17.99.225
52.215.56.149
52.30.241.123
54.171.98.27
54.78.254.47
54.80.61.218
69.173.144.138
70.42.32.127
88.221.169.78
00151c64805f06ef194b3ae5f6f9389696941323b1413460805462f527b822d0
01a02851049854d2d7e2ce81446cabdd55afe68b68bdd7ee09be35bc3dc504ac
02636241723428d07016ceb3b305e0c6bc12d3d81784b6b4ca94048effe785b6
02821ab0f21de953846c00eac19cfebfa6bfe29b68b8001acdd9b20324d64d36
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05632fef57161e9004fb7e313a6b00c87202bda866706e70505a030e67d9d8a4
05eb6bfc9bfebc9a6013ec355b73ae65f89c8f3ec5a3a5fa1ab2b3d7918bead7
06d38abd43f12c64d76394d1fbbd2570afbbe4aef6407e025a4437e50f599380
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
075a8ac615514bdfb50ff549c364975167a846d282b3bee916152fee7cdc7a7b
09675ea155d08e959872d1f64ae603c9e0071d502c7ddfe853e0fbabf7e9cc15
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a325decfde845ca807eb95bb738b93e3a39bc9dc5dbbe30006a46d0aaa11985
0a39b3e49ca948628755df1e1567befb736cedf12f9b5dea0e37adb39c340ebc
0b2efba04d1c3db1c5a4818628ebc3ebc10e2c9bb8bef10670490db94133eb55
0f922bc0a8eced3f3da9e96bbe519d90469e32de911409c932f5e6d72ca4346d
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
11d6af78e66283ece20bc13c4439f9beea0cac411e9ac90ee81f74ce290bf2aa
15f0e8785ed86a7e2f77ee7f29dcb9c6dde7dd976e04de99c9d9e4cde7672aa9
1786bfb5bc61c63a26e18ac30db3db9cdf3c87ae30f40ea907fe040ac2a99b27
1a0decca0c2168150ddc4982022766c1a3268e18187e083149f4af1643a7ba06
1f95863ce5f0fb4b867484f365a8b78165aad4343252bbe69153638558270dbe
204eeb9a3f50a847d5706aa073fd14a06ae3d18b776484d4c9e7497a10cbec09
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
278146e898fab9a0e0a48a19c65a730c2b94a5492a03a621eef220e26712700b
286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee
28b8b88196f15352c2c5fd6411ae1da28f72cc1ed3cbf26a13eef570d2d9b101
292288f03d122da15bcd8cbd10868a0a047cf22e83e0f83c231f48bf23fcb860
2a790de20153d921b7be7123dd4668d130fea09fe94d6ce267b499d3e75f7a93
2b50c05a7f67bb2af3c6622362567076243096d361625d4b17a3d906b0b6ce0e
2c85c8177b9128cf516265d901e7fb5c09c3f04671e1102115df9ef9be77a899
2ce200572a95b7da0d68c820367fe15c437f32a4516c88217df94f42491660d4
2ce55a3b45b4bf5710f45bb3f1ac2c86968d1679693da9eca889229c5301fb79
2ce65e5fd87e0eb1a626b570dd69a587f7bb86bbfc2073c83ba0c318906a1e0f
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2db493ad2312e7ca41e6c7b7ba720ac065a0faf46724ed8e7c8878cc2d2a470d
2dd864f24cf286f6c816e0e64f17ff947af13c93f11e68827536c6ce5a187b4e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3da7ec54375272fa6b82a19bac4ce6e71b35b8230f4c20fb8a45cee257eaef
3207d12eddcd5a7207fa64a26747eb2bc81a7544d2f871abe2e5424895100966
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33def4d457d490ce89b5e6be3dcf904c25d03a50dd7f7a65237f395d7161b5e4
358c81db58ad24fd87590c32620523f31f27a00783102e24cb7426abafbd8837
36b5a9aeba72ecb83655012fd06bdc98a08d8e0021a58f80d53abeacc4878078
3c038cfbe139775e4f3cdf178631db05bcb18b02a0ac286fdb72c2bb92b1c98c
3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053
3f3c351c671ee2a2b786072b483678d04c3597194be505d6260f8ebb50b9845f
422af571c020d8ca64406d0e2c9170b6a49232825a3703767400d3792709098e
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
437c1397afa0c07b0e916bbf110c180e5c6a8d3d8b7b4a72023ed28cfcaa931e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445b7efe0c22c800ae34c9a11a571bd976a69d7491223cd5c76cbffebfe7fc13
450d5b914090c8b5881931b2173959baaebb2ed732b7e558b342cf22c1d4dd21
4601918ef3053d11dec29938e953c2499c64eb676b3a5689ec9958a8b7e85c9f
4714f8583a8bb05c3db92d2b3345d56183c7dce460085524d52f2d4b1e029b44
4789e2561c1fef79d36ebb44c1d34b2d2df34ce4a589d3a3272bae272294c976
48c6d12327593c8395849eaaa62a016dd10711495824a90ca550a5aafeb06d79
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b3d4183b2b59c9e5acb66a10b907cb9205a8cd93d8669d58f02efa93730f0fc
4c3a0d03a71141a5f6bbf5510a2c2f23566d1c9e292be0fe36e36a5fd7ae74eb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7888ff0f09652a80767bad958aaec1cde6d63b3fc958d9cb7d2467bb867ea2
4f52d957c339c18d67301a731568bc6912434216fadb25b5fa3f91356b4eff0d
4f66651f92d5d54302d0bfbd1fdfda6eec032bc25405941d538268c13a70e004
4f9bb814f7424c0dcd1f3924e9001ddfee426f5734bb070b8e5463e04dca941a
515d56cc7401c93f254706477fb1651775d2c0ae20add0d7fbb8f0092bbd5095
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005
57630d8dcf2904d8a5a710ecaba71444fb360177fcd81d06b3a207048c11762f
59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ee5ed452e846a3a90ad1be1f975d8711e74967f52f9a86b6f23441527b9e7da
5ef3a40ff721375bc61aadec4e405dbac466e1f53bee4ea4f082da82797c8286
6200739690705845c8c84e0c50795221872b62623a68106f19d9793d6a434636
6279d0c80c6b38017d258115093b47e9281f1cbdffeb06748dd4d72a4f07ccdc
635a136e36d4a58ca3d882b71061c4764b613fe4361ea61b22dade8abda2c4b4
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d64ecd956174bddcffdc71bdc1e8370638915731779ae7c8b396b1f5b8cb4b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdf5eaaf8a9a97d7a6a5937d56a60a84651d5870648f6c8b726afab80962f7d
6becd77411e34f8dcd313296ae9e181664a3b3cc0a044b38e1534dea05336087
6d6cb4bcf91fb483d6f958f9aec072249aa112f73fca03695a61e8cc98bd8246
6e29947674d4ba75d5417e6ad8b7d8f30cc56310394c1e5d4de713b827c31f73
6e8f782cb76f95850c56a2bec743171e3ece77af0a3817b315581b53b88e1eaf
6e9e064b938b0b9cbd469cd53860467254dfaa40fb278949ef8213062affc6f0
6f279f5faac1c4344835c45369a2a22ecd208b84fb0d8d0e5d0fa014471d9e9b
702af84ee1025ed93d061b69a948cbb191393867c5643f681bd2291d8c3d6bda
71bb74021340ca7d325619d0d0da90651add48bc4c627a4c60219fda7fc40a35
71d0ed9533c02aabf9a8a1188a699f8f6d7eabcf403760b48fdd3abbcafb40ad
74ac6df7d20bd573560831e17c5e0e78c3bb86730abea26302281b798eed6c6f
74bb66694812e2f751acb9c919b880f7fc7872afe56af98db37e2df60b1cadd0
74eb4ae85b60f0c268fa1fe8ca58becc930e130a1057bc82d5d6cab6d9fbb6ce
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
788428389780b0f3802dcb3ad86176ba22aefec9a6d7f255794755c34d2ec264
78d34b8c32708194129f43d3952744a61306c6db3abfc4c1a336323eb99fa51f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d0b5690d943eeec5db9b0344f07d4faf581c1f9452790fbab40ad4c11e78b57
7eb4e050bc2d52c4954259186533768be507cc59263acc79c1deb03117565302
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82075ce2fc5969ce84e3db98a0ad9b29729b787611eac96a08da591c4c23ab62
82411ccd8cd8814825970283d58f132cc2baa464062aa0e5fae2132ab9aee2ad
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e4cea7590220e8b29905c5a92057f3e98d11f8e225a1e0ca762a1c83e6d8f6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89fc79d987b99dd12b593e541466f9be361332ef2fc7bd5c198f6bb3a92ced5c
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b341f84503e48233a0557f70061a7f4cc90d468cf147d75cc82cc1398bb6bc0
8fbf6dbda27863e94305c9a5b26d276bfbb627f7a34a4b0de1e3ee6a6d15fdeb
91885f76e8c3aaf56cb3aed01378157fbb51d4e0eba02091e7a298a82a272850
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754
950625f7eccd4526dcedd43bc92375ff041b33aea14c2634f5fb94674f74f9aa
95bf75ac12ac6742c514e6a5badee856d1b9a6e09beed2d4d1f5f52e743cb7a4
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96a1951bf490b344d6776ce3b6539bb632d3019017541d876eb3f50af85444f6
974a6c77c74cfa614911499f6f2b436b1170ab6aea6347317fbe8834c0dcea91
9782175135a2aa782bd506a89b21e2e8572f70a7abc39686e21a42377aaac98c
978eedd92629e322eaec8ecf8fbb4b97ba4647baf8c43ac04c239a16f28a63be
984ad831daf638a6b6e73e85fdcdddc6f8eea97a4121c0b9ccd1065eb95e7e74
99a42e69ccec698d9be89d17d7cb3efa693436bd3422b9a038919a8a878128d3
9b20e85c43c9b8c1511a6ae8b57abb05433c132654f9475b9e87841980752036
9c674cd064c3e3694a9561fff553c14ea49f9cec31a6257eac9709ec5db7d22b
9cb0ea81805e7a617e1c5acf9f9e5b82c98b7d0055b91849d26e67ce9dc4195e
9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d
9d73ef96b9d0d9d2e2f4a8c2133eac7bd5fc9e3e0ec952a7d383e44a4b677db5
9df5c5e47491aed4e935e789ad5f0b1c7ec35c364189086a5338c343fb91ca69
9e5dd1c9c8cc79f836cd716163ce0483d5c23acd7ab84ba22f96e41abdc9a3b2
9ecf5cbe631f042bebb2e8bde0b900b2c1aff87a18c56d49979cf16f6cd7b1d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24bd9c44cb90f06a11109a0719b5a823c3cba9427a5be6d85c38f5df824e86e
a8047ec15f86cdedd9a1125d3c1dac7f057b5982b1933f7c9dc71008b666bf49
a9de0b5cc458cb6c015879ca5ce1ea100339f5d315307a5b5a95476ba630c2a9
aa04f774796d5490065166dbd585a5598dafe7fa3ddc109d3c6defbbf60a2e8d
aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435
aabf2045079740c4cd6d94f34fbf93ba309ba700153beff2afa134c032fc5e62
aacb0ec4ce5142c8209effe5abde453db440f6cae4a9106244d70cdc4484ae2f
ab7cbf9f06f3e2bb6290feac03f122c13e6010ff792124213de423578537f333
abda0149fce0ef36e0f5f3bcc12e2d99ed2c60e23975b17992c87c317ac176da
ad93b7e5d6d74176e70235ac0da05ef3db454ea85b0a523bce9543bc717b21d6
ade04bcbedf25ab3c61c65688eca995cbb9001828cf63d3b24378e912bf40132
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af302f94b7d8558cc9f4903f6a135f414065b9a43b04c16abd7d5494619e259b
b0e51b99843499f82cab291b5c7c4f157e0188aedf1612eff965f2255f3abe28
b0fcb4ddd51c77676d524222345c107a2832c4b8a35c45941071ea19f2861135
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b48d5d2471817435647d2a820cd24a2e9a71c676f60a1187de8b683de4d09fe1
b7fb9afe7b176646cc40746bc22781db9ff7db6bfaa0a4578f82bd74d4912456
b9eb9cc59a99549fab4b202755c5accf4be528a8cfb4226ed6c56eeff81ca7bc
bafb226ce908c370462ac78ef6f6027e4bcae18d90b9336450d9136faacf36c5
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
bd25a18aec92bdbe8aaf1a01a19030fe5d8d875b3aba6006ff6c66399de314e1
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c042759fc0297fea812dcb8544ea97727b34f3299c751b6af5ee0bfd8deb245c
c055220cad9ab6321c8d430056a88f8ecc1a03e77780aeced9bab04f64285e4b
c130e14ca73acebdee9a25f94ecf2fbc017f391406fb116c43f7db29aa5b2910
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c700c799b3a83b5b2e03b7308d858196965ca0fac8d582a4d3e6dc5006713f1d
c8ba67ef9e59a515bd68497847556fab804776ada6c43fa481d6e7ea707da284
c9193654a23422beffa46afe37ae99483653dd827112d3678c889c0c505570eb
c9c63a228fc6b580d0376d0a3f6a2ac838d87d4c4f8731f1835658c7c3d65199
c9d3a47ee8062f27d83f2c6cadbf23a78c099d997756dfec8f17a046f90f6fb3
cecd9adf88bbfb60123792aed2cf479b3e1f312030b257c4be306fbae318cd6e
cf38d19d37a13789e99300f5fa0110a86c4d9b3ec76d30a5a731ba72314b45b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12f19f643104ef9335eb68f47dec065bed6d29cfe2e4b07d2284193f2ae64f3
d1d858cbffd70b52bf6b006f81d7616c495d26830775b826d82e5cbe42a66a1b
d20f0f2a17ed821c2d4e8a62e578f8f42516bed16ec06132688b6cad50ef1e5a
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d37c2f26552e7427f9f86fc6dcf05276f0dbd7a746a6fb42584ac88193056cd3
d3871e2070a243288259b54f34b530e09ad7005f4aa0938cc8fb3dc6cc096b24
d49df5c2cf39492c652c52c5ea41d53e3678cd27be6d17ea81246b18c8059650
d70428e860e50fbfaac3b88ac8e7a590a71d2f3fc454c959798f177e2bfaf23b
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d9cc561361c9c860cf70548b20a75126fe0aa1afcd9f4a7b5485abe5cd9e2d76
db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30
e3981b1db3de18ae74a074167e1d1bcab1b1762ff521ec6469c9543a690453de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fe1015fc6914e48d65ecec07bdc4ac3741183473f51499329ffcdeaa4e8a3
e5cada74514ea791cf21ea5c1500de5fc08454e947f0aea484b8e5ef2ce4ea18
e66cccb6fd64ae7c7e428900129c22644e340286024b3e0bcce8b94432745e7b
e771b18013e08941e60520f23c44d5ac294c31e35d2f33d908ebf860c021caf6
e8cd27492a8b97fa4c07c1210f85eb04a9a256d00733dec84de8d6bad6548b69
eab63a4b60390e5e089933a538b69d19d138d9f464ab3f7e58045edd0fe1c829
eaf0ba14a993e371dc5ad2b2ea21ef444560320f3f8c7a3b56886adca84b8bed
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1
ee1ea43ab128eb9611605f181b5da8eb385f464aacdda32cf8880fa1b2d7a7af
ee748954eafbc893449bcb12f5f1d521ece9f361cb13bd40bfe93c49d396408f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f150e1bbb75e086a62af5776f3d2a4a4da21e42f7d736904b3daf59f7ab0d8a1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c5e417d2e60b16692d21841cee7949e2b3e92d67f3b5a778bfb859443d3e36
fb5c24b4ea797b4578b5e62a0b549058f81130f4c360afc4b113d013053df318
fde9277e699de5f4419f378e798a3a4ddbfd429b9b6a466b64d9b2ef8526a55f

www.stuff.co.nz Open in urlscan Pro 2a02:26f0:3500:592::3871 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

249 Requests

96 %HTTPS

39 %IPv6

45 Domains

83 Subdomains

64 IPs

9 Countries

6795 kBTransfer

12338 kBSize

50 Cookies

21 Outgoing links

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.stuff.co.nz Open in urlscan Pro
2a02:26f0:3500:592::3871 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

96 %
HTTPS

39 %
IPv6

45
Domains

83
Subdomains

64
IPs

9
Countries

6795 kB
Transfer

12338 kB
Size

50
Cookies

249 HTTP transactions
6 data transactions