www.stuff.co.nz Open in urlscan Pro
2a02:26f0:ea:482::3871 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Submission: On September 08 via api (September 8th 2022, 11:29:33 am UTC) from US — Scanned from DE

Summary HTTP 141 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 42 domains to perform 141 HTTP transactions. The main IP is 2a02:26f0:ea:482::3871, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.stuff.co.nz. The Cisco Umbrella rank of the primary domain is 202185.
TLS certificate: Issued by DigiCert ECC Secure Server CA on February 21st 2022. Valid for: 7 months.

This is the only time www.stuff.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2a02:26f0:ea:... 2a02:26f0:ea:482::3871	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.190.72.53 35.190.72.53	15169 (GOOGLE) (GOOGLE)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	184.51.9.223 184.51.9.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:230... 2600:9000:2304:4200:1a:9e13:5280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.88 18.66.147.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	34.242.80.80 34.242.80.80	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	152.67.116.253 152.67.116.253	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	52.222.214.88 52.222.214.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::ac43:bf95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:79b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ea:... 2a02:26f0:ea:4a6::3871	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.110.98 13.32.110.98	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:236... 2600:9000:236e:8000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2600:9000:223... 2600:9000:223c:e400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	52.215.111.225 52.215.111.225	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.32.199 34.248.32.199	16509 (AMAZON-02) (AMAZON-02)
1	52.30.241.123 52.30.241.123	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.227 151.101.2.227	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223e:6000:1e:9232:ebc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	23.202.54.36 23.202.54.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:8e00:1b:11ff:f600:21	16509 (AMAZON-02) (AMAZON-02)
4	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	35.227.201.100 35.227.201.100	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.66.227 151.101.66.227	54113 (FASTLY) (FASTLY)
1	3.105.141.111 3.105.141.111	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:898::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.17.63.11 52.17.63.11	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	23.205.239.15 23.205.239.15	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.75.143.131 54.75.143.131	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:2c00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	35.171.14.192 35.171.14.192	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.58.201 54.76.58.201	16509 (AMAZON-02) (AMAZON-02)
2 2	52.213.127.205 52.213.127.205	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2013	15169 (GOOGLE) (GOOGLE)
1	23.202.52.26 23.202.52.26	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
3	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.202.53.124 23.202.53.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:493::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
141	57

32 2a02:26f0:ea:482::3871 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interactives.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.72.190.35.bc.googleusercontent.com

static.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

sdk.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.51.9.223 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-223.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:4200:1a:9e13:5280:93a1 (United States)

ASN16509 (AMAZON-02, US)

videos.oovvuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-88.fra60.r.cloudfront.net

dashboard.presspatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.242.80.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.67.116.253 (Bungarribee, Australia)

ASN31898 (ORACLE-BMC-31898, US)

stuffnz-sydney.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-88.fra56.r.cloudfront.net

cdn.kdaimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o68184.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:4a6::3871 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

my.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-98.vie50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:236e:8000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223c:e400:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

experience-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.neighbourly.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.50.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.111.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-111-225.eu-west-1.compute.amazonaws.com

fairfax.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.32.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.241.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-241-123.eu-west-1.compute.amazonaws.com

fairfaxnz.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.227 (United States)

ASN54113 (FASTLY, US)

resources.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:6000:1e:9232:ebc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.ffxpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.202.54.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-54-36.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

fairfaxnzstuffoverallproduction.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:8e00:1b:11ff:f600:21 (United States)

ASN16509 (AMAZON-02, US)

d867x8xq12ag.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.201.100 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 100.201.227.35.bc.googleusercontent.com

events.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.227 (United States)

ASN54113 (FASTLY, US)

adfeeds.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.105.141.111 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-141-111.ap-southeast-2.compute.amazonaws.com

adapi.stuff.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:898::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.63.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.143.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-143-131.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.14.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-14-192.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.58.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-58-201.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.127.205 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.202.52.26 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-52-26.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.202.53.124 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-53-124.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:493::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	stuff.co.nz 1 redirects www.stuff.co.nz — Cisco Umbrella Rank: 202185 interactives.stuff.co.nz — Cisco Umbrella Rank: 553652 static3.stuff.co.nz — Cisco Umbrella Rank: 757635 my.stuff.co.nz — Cisco Umbrella Rank: 401720 resources.stuff.co.nz — Cisco Umbrella Rank: 257346 adfeeds.stuff.co.nz — Cisco Umbrella Rank: 519751 adapi.stuff.co.nz — Cisco Umbrella Rank: 551865	1 MB
12	piano.io experience-au.piano.io — Cisco Umbrella Rank: 467501 code.piano.io — Cisco Umbrella Rank: 38348 buy-au.piano.io — Cisco Umbrella Rank: 344973 c2-au.piano.io — Cisco Umbrella Rank: 325610 i.piano.io — Cisco Umbrella Rank: 49997	252 KB
11	imrworldwide.com 2 redirects cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2629 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2066 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2541 5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com	80 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	90 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5632 p1cluster.cxense.com — Cisco Umbrella Rank: 10706 comcluster.cxense.com — Cisco Umbrella Rank: 5366 id.cxense.com — Cisco Umbrella Rank: 11107	67 KB
7	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 297 fairfax.demdex.net — Cisco Umbrella Rank: 446052	10 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 553	149 KB
6	teads.tv a.teads.tv — Cisco Umbrella Rank: 1392 t.teads.tv — Cisco Umbrella Rank: 2658 s8t.teads.tv — Cisco Umbrella Rank: 5076	134 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474 amplifypixel.outbrain.com — Cisco Umbrella Rank: 19889 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337 odb.outbrain.com — Cisco Umbrella Rank: 1813 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995	75 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	131 KB
4	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 4150 l3.aaxads.com — Cisco Umbrella Rank: 6856	131 KB
4	apester.com 1 redirects static.apester.com — Cisco Umbrella Rank: 18782 sdk.apester.com — Cisco Umbrella Rank: 19910 events.apester.com — Cisco Umbrella Rank: 18207	67 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2436 load77.exelator.com — Cisco Umbrella Rank: 4165	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1087	588 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1847 beacon.krxd.net — Cisco Umbrella Rank: 741	529 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4001 p1.parsely.com — Cisco Umbrella Rank: 3342	26 KB
2	2o7.net 1 redirects fairfaxnzstuffoverallproduction.112.2o7.net	1 KB
2	sajari.com cdn.sajari.com — Cisco Umbrella Rank: 112906 re.sajari.com — Cisco Umbrella Rank: 131216	23 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 ajax.googleapis.com — Cisco Umbrella Rank: 480	6 KB
2	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3797	17 KB
2	presspatron.com dashboard.presspatron.com — Cisco Umbrella Rank: 91063	12 KB
1	media.net c21lg-d.media.net — Cisco Umbrella Rank: 3461	329 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 2012	174 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 1115	214 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 10346	342 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 775	477 B
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	cloudfront.net d867x8xq12ag.cloudfront.net	736 B
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265	463 B
1	ffxpub.com sdk.ffxpub.com — Cisco Umbrella Rank: 656281	20 KB
1	omtrdc.net fairfaxnz.tt.omtrdc.net — Cisco Umbrella Rank: 476854	717 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1651	517 B
1	neighbourly.co.nz cdn.neighbourly.co.nz — Cisco Umbrella Rank: 471507	7 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2028	37 KB
1	sentry.io o68184.ingest.sentry.io — Cisco Umbrella Rank: 501474	277 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 5861	3 KB
1	kdaimo.com cdn.kdaimo.com — Cisco Umbrella Rank: 39600	4 KB
1	gscontxt.net stuffnz-sydney.gscontxt.net — Cisco Umbrella Rank: 447598	302 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	29 KB
1	oovvuu.com videos.oovvuu.com — Cisco Umbrella Rank: 393345
141	42

	Domain	Requested by
25	www.stuff.co.nz	www.stuff.co.nz
9	cdnjs.cloudflare.com	buy-au.piano.io
7	assets.adobedtm.com	www.stuff.co.nz assets.adobedtm.com
6	buy-au.piano.io	code.piano.io www.stuff.co.nz buy-au.piano.io
6	my.stuff.co.nz	1 redirects www.stuff.co.nz my.stuff.co.nz
6	dpm.demdex.net	assets.adobedtm.com www.stuff.co.nz
4	cdn.cxense.com	code.piano.io cdn.cxense.com
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.stuff.co.nz
4	cdn-gl.imrworldwide.com	www.stuff.co.nz cdn-gl.imrworldwide.com
3	a.teads.tv	www.stuff.co.nz a.teads.tv
3	i.piano.io	buy-au.piano.io
3	c.aaxads.com	www.stuff.co.nz c.aaxads.com
3	www.google-analytics.com	assets.adobedtm.com www.stuff.co.nz d867x8xq12ag.cloudfront.net
2	t.teads.tv
2	sync.crwdcntrl.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	loadm.exelator.com	2 redirects
2	secure-dcr.imrworldwide.com	www.stuff.co.nz
2	events.apester.com	www.stuff.co.nz
2	fairfaxnzstuffoverallproduction.112.2o7.net	1 redirects www.stuff.co.nz
2	securepubads.g.doubleclick.net	www.googletagservices.com www.stuff.co.nz
2	cdn.brandmetrics.com	www.stuff.co.nz cdn.brandmetrics.com
2	dashboard.presspatron.com	www.stuff.co.nz dashboard.presspatron.com
2	widgets.outbrain.com	www.stuff.co.nz widgets.outbrain.com
1	s8t.teads.tv
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	ajax.googleapis.com	buy-au.piano.io
1	c21lg-d.media.net	c.aaxads.com
1	re.sajari.com	www.stuff.co.nz
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	x.dlx.addthis.com	1 redirects
1	mcdp-nydc1.outbrain.com	www.stuff.co.nz
1	token.rubiconproject.com	www.stuff.co.nz
1	l3.aaxads.com	www.stuff.co.nz
1	load77.exelator.com	www.stuff.co.nz
1	odb.outbrain.com	widgets.outbrain.com
1	5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com	www.stuff.co.nz
1	www.aaxdetect.com	www.stuff.co.nz
1	p1.parsely.com	www.stuff.co.nz
1	aa.agkn.com	1 redirects
1	c2-au.piano.io	www.stuff.co.nz
1	adapi.stuff.co.nz	www.stuff.co.nz
1	adfeeds.stuff.co.nz	www.stuff.co.nz
1	www.google.de	www.stuff.co.nz
1	www.google.com	www.stuff.co.nz
1	cdn.parsely.com	www.stuff.co.nz
1	d867x8xq12ag.cloudfront.net	dashboard.presspatron.com
1	code.piano.io	experience-au.piano.io
1	stats.g.doubleclick.net	www.stuff.co.nz
1	widget-pixels.outbrain.com	www.stuff.co.nz
1	tcheck.outbrainimg.com	www.stuff.co.nz
1	sdk.ffxpub.com	www.stuff.co.nz
1	resources.stuff.co.nz	www.stuff.co.nz
1	fairfaxnz.tt.omtrdc.net	www.stuff.co.nz
1	cm.everesttech.net	1 redirects
1	fairfax.demdex.net	assets.adobedtm.com
1	amplifypixel.outbrain.com	www.stuff.co.nz
1	cdn.sajari.com	www.stuff.co.nz
1	cdn.neighbourly.co.nz	www.stuff.co.nz
1	experience-au.piano.io	www.stuff.co.nz
1	ats.rlcdn.com	www.stuff.co.nz
1	static3.stuff.co.nz	www.stuff.co.nz
1	interactives.stuff.co.nz	www.stuff.co.nz
1	fonts.googleapis.com	www.stuff.co.nz
1	o68184.ingest.sentry.io	www.stuff.co.nz
1	www.npttech.com	www.stuff.co.nz
1	cdn.kdaimo.com	www.stuff.co.nz
1	stuffnz-sydney.gscontxt.net	www.stuff.co.nz
1	www.googletagservices.com	www.stuff.co.nz
1	videos.oovvuu.com	www.stuff.co.nz
1	sdk.apester.com	www.stuff.co.nz
1	static.apester.com	1 redirects
141	75

This site contains links to these domains. Also see Links.

Domain
interactives.stuff.co.nz
advertise.stuff.co.nz
stuff.co.nz
www.stuffads.co.nz
play.stuff.co.nz
neighbourly.co.nz
mags4gifts.co.nz
www.ensemblemagazine.co.nz
www.stuffevents.co.nz
coupons.stuff.co.nz
dashboard.presspatron.com
www.neighbourly.co.nz
travel-booking.stuff.co.nz
wildclean.com
deaths.stuff.co.nz
careers.stuff.co.nz
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.stuff.co.nz DigiCert ECC Secure Server CA	`2022-02-21` - `2022-10-05`	7 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
videos.oovvuu.com Amazon	`2021-12-17` - `2023-01-15`	a year	crt.sh
dashboard.presspatron.com Amazon	`2022-02-16` - `2023-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
cdn.kdaimo.com Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.neighbourly.co.nz R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
cdn.sajari.com GTS CA 1D4	`2022-07-25` - `2022-10-23`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
ffxpub.com Amazon	`2022-06-25` - `2023-07-24`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
events.apester.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.stuff.co.nz Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
re.sajari.com GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Frame ID: 8ACDB908DF22EBCE08068A7C073B49FF
Requests: 99 HTTP requests in this frame

Frame: https://fairfax.demdex.net/dest5.html?d_nsid=0
Frame ID: DF1DE806E95E70A1BBC4F86F71C6D2AA
Requests: 8 HTTP requests in this frame

Frame: https://dashboard.presspatron.com/websites/153/custom_button
Frame ID: 3E44A7483317A05E05D074B7C7E54FCC
Requests: 3 HTTP requests in this frame

Frame: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069
Frame ID: F30A06B9E26752B956228DBA7D3666D5
Requests: 2 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: E22349AE4318984BA9F4DFCA7183A6FB
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: C9E8E77AFBC7917EBB7853C8C9D836D7
Requests: 3 HTTP requests in this frame

Frame: https://my.stuff.co.nz/session-management
Frame ID: E5A10220D4661DF0662AF581F0DCDC91
Requests: 4 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=159%2C263%2C167%2C89%2C241%2C267%2C310%2C3004%2C368%2C271%2C213%2C195%2C251%2C206%2C209%2C292%2C356%2C229%2C272%2C214%2C282%2C203&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 887D51FC429C049EB9528E2B728003E3
Requests: 2 HTTP requests in this frame

Frame: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OTQHOG4R57TS&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_2e3eb78f8391b101d68d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
Frame ID: 4F5B9282D278B62698D011FFCF7CE426
Requests: 17 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E154175126BFFD27FD2C2FB529E6B3EB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware attack: Waikato DHB supporting patients after documents dumped online | Stuff.co.nzFacebookTwitterWhatsAppRedditEmailFacebookTwitterWhatsAppRedditEmailFacebookTwitterSnapchatShielded Site

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react
react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

141
Requests

92 %
HTTPS

38 %
IPv6

42
Domains

75
Subdomains

57
IPs

8
Countries

2598 kB
Transfer

7428 kB
Size

45
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://interactives.stuff.co.nz/2020/03/support-stuffs-journalism/?utm_supportprogramme=navigationbar
Title: contribute

Search URL Search Domain Scan URL

URL: https://advertise.stuff.co.nz/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/10648385/Privacy-Policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/33785/Contact-Us
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.stuffads.co.nz/
Title: stuff ads

Search URL Search Domain Scan URL

URL: https://play.stuff.co.nz/
Title: Play Stuff

Search URL Search Domain Scan URL

URL: https://neighbourly.co.nz/
Title: neighbourly

Search URL Search Domain Scan URL

URL: https://mags4gifts.co.nz/
Title: mags4gifts

Search URL Search Domain Scan URL

URL: https://www.ensemblemagazine.co.nz/
Title: Ensemble

Search URL Search Domain Scan URL

URL: https://www.stuffevents.co.nz/
Title: stuff events

Search URL Search Domain Scan URL

URL: https://coupons.stuff.co.nz/
Title: stuff coupons

Search URL Search Domain Scan URL

URL: https://dashboard.presspatron.com/donations/new?frame=1&t=TJu26zZFBKa635NQ13AZRn8S

Search URL Search Domain Scan URL

URL: https://www.neighbourly.co.nz/
Title: Neighbourly

Search URL Search Domain Scan URL

URL: https://travel-booking.stuff.co.nz/
Title: Travel Bookings

Search URL Search Domain Scan URL

URL: https://wildclean.com/
Title: WildClean

Search URL Search Domain Scan URL

URL: https://deaths.stuff.co.nz/obituaries/stuff-nz
Title: Family Notices

Search URL Search Domain Scan URL

URL: https://careers.stuff.co.nz/
Title: Careers

Search URL Search Domain Scan URL

URL: https://stuff.co.nz/about-stuff/10647720/Stuffs-terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Stuff.co.nz
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NZStuff
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://static.apester.com/js/sdk/latest/apester-sdk.js HTTP 301
https://sdk.apester.com/web-sdk.core.legacy.min.js

Request Chain 40

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=41558262232658943410482505444082331384 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxnSFwAAAFF-nAN-

Request Chain 63

https://my.stuff.co.nz/authorize?client_id=6380a421-afcd-45b4-b9ab-393d3f105da3&redirect_uri=https%3A%2F%2Fwww.stuff.co.nz%2Fstatic%2Fstuff-login-browser-sdk%2F1.2.3%2Fcallback%2Fsignin-callback.html&response_type=id_token%20token&scope=openid%20profile%20email%20address&state=3d94a0d0cea64562936cc8f1a2f91e70&nonce=86d79d22c44844a3bf8e261463df1674&prompt=none HTTP 302
https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069

Request Chain 64

https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c.&getPercentPageViewed=5.0.1&handlePPVevents=4.0&p_fo=3.0&getPreviousValue=3.0&getPageLoadTime=2.0.1&performanceWriteFull=1.0&performanceWritePart=1.0&performanceCheck=1.0&.c&events=&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c.&getPercentPageViewed=5.0.1&handlePPVevents=4.0&p_fo=3.0&getPreviousValue=3.0&getPageLoadTime=2.0.1&performanceWriteFull=1.0&performanceWritePart=1.0&performanceCheck=1.0&.c&events=&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

Request Chain 83

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=41558262232658943410482505444082331384 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219443204268001752750

Request Chain 90

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-c83cbc9531ff825ee63d71de60096e7e HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-c83cbc9531ff825ee63d71de60096e7e&ja=1

Request Chain 92

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41558262232658943410482505444082331384 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41558262232658943410482505444082331384&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 99

https://x.dlx.addthis.com/e/demdex_sync?na_exid=41558262232658943410482505444082331384&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090811292800011180120611

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE1NTgyNjIyMzI2NTg5NDM0MTA0ODI1MDU0NDQwODIzMzEzODQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE1NTgyNjIyMzI2NTg5NDM0MTA0ODI1MDU0NDQwODIzMzEzODQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDxWuiDeWto3RecRNEWzh4&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 102

https://usermatch.krxd.net/um/v2?partner=adobe&id=41558262232658943410482505444082331384 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41558262232658943410482505444082331384

Request Chain 106

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=41558262232658943410482505444082331384?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=41558262232658943410482505444082331384?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online Show response
www.stuff.co.nz/business/125592089/ 129 KB
37 KB 825ms
571ms Document
text/html 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Varnish / Express

Resource Hash

6a45749353d548335942936bb9b3fcfe5d96812bd6028eab342567e9f85547a2

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=180
content-encoding: gzip
content-length: 37372
content-security-policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 11:29:26 GMT
etag: W/"1f068-fq11GTR1MJAGGD0STe4aey3b2HY"
expires: Thu, 08 Sep 2022 11:32:26 GMT
server: Varnish
server-timing: serverLoadProps=602; "Server load props time", serverRender=10; "Server render time", total=645.9874209999999; "Total Response Time"
vary: Accept-Encoding
x-akamai-transformed: 9 36059 0 pmb=mTOE,2
x-cache-origin: HIT:Varnish
x-esi-enable: 1
x-lastbigmodificationtime: Tue, 29 Jun 2021 05:08:04 GMT
x-lastpublishtime: Tue, 29 Jun 2021 05:08:05 GMT
x-powered-by: Express
x-sics-version: 7.18.10
x-varnish: 76049982 2760927

GET
H2 200 launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js Show response
assets.adobedtm.com/ 412 KB
124 KB 46ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 09675ea155d08e959872d1f64ae603c9e0071d502c7ddfe853e0fbabf7e9cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:50 GMT
server: AkamaiNetStorage
etag: "02c3030e25ead8aa3ab4580fc3536a80:1659317990.308043"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 126779
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 stuff-login-sdk.js Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/ 322 KB
87 KB 27ms
26ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:26 GMT
content-encoding: gzip
content-length: 88598
x-esi-enable: 0
last-modified: Wed, 19 May 2021 02:37:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"f73b63b9788f2f623698b107ed61ddba"
vary: Accept-Encoding
x-varnish: 352248230 325443964
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 08 Sep 2023 11:29:26 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ 5 KB
721 B 41ms
40ms Stylesheet
text/css 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:26 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Fri, 08 Sep 2023 11:29:26 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 41ms
40ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Regular.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
x-varnish: 159983135 103426127
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34328
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 52ms
51ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Medium.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
x-varnish: 138917018 143623503
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34512
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 34 KB
34 KB 63ms
62ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-SemiBold.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:51 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "c0f391724faf1f645baa4e7063639d47"
x-varnish: 141964601 87530541
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 34928
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 STUFFSANSWEB-Bold.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 35 KB
35 KB 68ms
67ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Bold.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:45 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "87f1f4039a6a436c46cddb11fab184cd"
x-varnish: 143623696 75768493
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 35376
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 promise.c023f864b8f8372dbaa4.js Show response
www.stuff.co.nz/sics-assets/js/ 9 KB
4 KB 71ms
71ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/promise.c023f864b8f8372dbaa4.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 6e29947674d4ba75d5417e6ad8b7d8f30cc56310394c1e5d4de713b827c31f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:04:02 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"347ec38f6b02fa33ea79363c64b5bc54"
vary: Accept-Encoding
x-varnish: 138917019 141808218
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 3306
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 stuff-plugins.min.js Show response
www.stuff.co.nz/static/scripts/stuff-plugins/ 6 KB
3 KB 29ms
24ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/scripts/stuff-plugins/stuff-plugins.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 15f0e8785ed86a7e2f77ee7f29dcb9c6dde7dd976e04de99c9d9e4cde7672aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 2408
x-esi-enable: 0
last-modified: Tue, 13 Oct 2020 00:46:27 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"e40968ccc329fa7fbc798f38e6627b5c"
vary: Accept-Encoding
x-varnish: 1514836
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2

200

web-sdk.core.legacy.min.js Show response
sdk.apester.com/
Redirect Chain

https://static.apester.com/js/sdk/latest/apester-sdk.js
https://sdk.apester.com/web-sdk.core.legacy.min.js

181 KB
67 KB

88ms
16ms

Script
application/javascript

151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.apester.com/web-sdk.core.legacy.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 30496a132a778ca1a50498d1b7c6e288eebf73829056422435996a775a853bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
age: 32
x-cache: HIT
content-length: 68118
x-served-by: cache-hhn4037-HHN
access-control-allow-origin: *
last-modified: Thu, 08 Sep 2022 07:16:55 GMT
server: nginx/1.20.2
x-timer: S1662636567.365549,VS0,VE0
etag: W/"631996e7-2d552"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
via: 1.1 google, 1.1 varnish
cache-control: public,s-maxage=900,max-age=900
accept-ranges: bytes
x-cache-hits: 70

Redirect headers

date: Thu, 08 Sep 2022 11:15:35 GMT
via: 1.1 google
server: nginx/1.23.1
age: 832
vary: Accept-Encoding
content-type: text/html
location: https://sdk.apester.com/web-sdk.core.legacy.min.js
cache-control: public,s-maxage=942,max-age=942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169

GET
H2 200 style.2a242b74b689207.css
www.stuff.co.nz/sics-assets/css/ 143 KB
34 KB 82ms
82ms Stylesheet
text/css 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/css/style.2a242b74b689207.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 788428389780b0f3802dcb3ad86176ba22aefec9a6d7f255794755c34d2ec264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 00:39:18 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"0aa922f60435207e42f4119e7081de0d"
vary: Accept-Encoding
x-varnish: 163590577 163169701
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: text/css
content-length: 34148
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 320f0bdb Show response
www.stuff.co.nz/akam/13/ 26 KB
9 KB 42ms
38ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/akam/13/320f0bdb
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 96845fcfbd803308a459a4b196c7621672f5a5fbcc62c215f028717e9d0d660a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:06:59 GMT
etag: "75c62473c659be6878cafe7f2a684b82dfc4a004784f1ce43a348508e91534a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8774
expires: Thu, 08 Sep 2022 11:29:27 GMT

GET
H2 200 stuff-header-bidding.js Show response
www.stuff.co.nz/static/stuff-header-bidding/latest/ 12 KB
4 KB 36ms
32ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-header-bidding/latest/stuff-header-bidding.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 96a1951bf490b344d6776ce3b6539bb632d3019017541d876eb3f50af85444f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 3504
x-esi-enable: 0
last-modified: Wed, 27 Jul 2022 00:23:44 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"d0089b3b397dc49b94b80ea407656be3"
vary: Accept-Encoding
x-varnish: 74990664
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 react.281b479c7448010394ee.js Show response
www.stuff.co.nz/sics-assets/js/ 13 KB
5 KB 69ms
68ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/react.281b479c7448010394ee.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 0a325decfde845ca807eb95bb738b93e3a39bc9dc5dbbe30006a46d0aaa11985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 01:35:57 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"9401ab3307dd8b043f04e03ebe42f0dd"
vary: Accept-Encoding
x-varnish: 991187634 936731181
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 5109
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 react-dom.8b8c4fd6928848fd149d.js Show response
www.stuff.co.nz/sics-assets/js/ 116 KB
37 KB 76ms
76ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/react-dom.8b8c4fd6928848fd149d.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 075a8ac615514bdfb50ff549c364975167a846d282b3bee916152fee7cdc7a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 01:35:57 GMT
server: S3
x-esi-enable: 0
x-cache-origin: MISS:Varnish
etag: W/"1acd604c01eff97360cd1c1468f8ce8e"
vary: Accept-Encoding
x-varnish: 289737246
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 37668
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 bundle.1fc241e7bbcb67a90e8b.js Show response
www.stuff.co.nz/sics-assets/js/ 1 MB
335 KB 81ms
81ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: e8cd27492a8b97fa4c07c1210f85eb04a9a256d00733dec84de8d6bad6548b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 00:39:20 GMT
server: S3
x-esi-enable: 0
x-cache-origin: MISS:Varnish
etag: W/"b89db241bf0885e11b8853e5cf039af5"
vary: Accept-Encoding
x-varnish: 163758389
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 342412
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 jquery.26d46e64ce99f8c2b31d.js Show response
www.stuff.co.nz/sics-assets/js/ 89 KB
32 KB 89ms
88ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/sics-assets/js/jquery.26d46e64ce99f8c2b31d.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 292288f03d122da15bcd8cbd10868a0a047cf22e83e0f83c231f48bf23fcb860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 19:32:17 GMT
server: S3
x-esi-enable: 0
x-cache-origin: HIT:Varnish
etag: W/"4f4d5fcdc89b56a0d720a7f3c6baf992"
vary: Accept-Encoding
x-varnish: 143623698 112594257
cache-control: public, max-age=2592000
referer
accept-ranges: bytes
content-type: application/javascript
content-length: 31937
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2 200 stuff-adfliction.js Show response
www.stuff.co.nz/static/stuff-adfliction/latest/ 26 KB
7 KB 42ms
38ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: d3871e2070a243288259b54f34b530e09ad7005f4aa0938cc8fb3dc6cc096b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 7381
x-esi-enable: 0
last-modified: Wed, 08 Dec 2021 23:32:14 GMT
server: S3
x-cache-origin: MISS:Varnish
etag: W/"4e879fbb43d36013d6258cc8cb948ac4"
vary: Accept-Encoding
x-varnish: 203426487
access-control-allow-origin: *
cache-control: public, max-age=3600
referer
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 207 KB
72 KB 93ms
26ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c30517bcf766f2c8b919b9705bf305fcad95108b173a4656d78d5f48c2d06ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 11:46:38 GMT
etag: "15-2Tu0AR0vrUSM11l0sCFIoPYJlf8"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: e7e99f7cbb7f31f0ddd640b0f546fec7
timing-allow-origin: *, *
content-length: 72872

GET
H2 403 ovu_rec.js
videos.oovvuu.com/stuf/v1/ 0
0 802ms
665ms Script
application/xml 2600:9000:2304:4200:1a:9e13:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.oovvuu.com/stuf/v1/ovu_rec.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4200:1a:9e13:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 banner Show response
dashboard.presspatron.com/dev/ 11 KB
12 KB 59ms
8ms Script
text/javascript 18.66.147.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/dev/banner?b=TJu26zZFBKa635NQ13AZRn8S

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-88.fra60.r.cloudfront.net

Software

Resource Hash

1786bfb5bc61c63a26e18ac30db3db9cdf3c87ae30f40ea907fe040ac2a99b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:24:53 GMT
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 32673
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: a077d96d-1606-44a4-a5f0-47ff0ffc7db3
x-runtime: 0.006675
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 May 2022 23:01:51 GMT
x-frame-options: SAMEORIGIN
etag: W/"39064efd2a3b667f7f5202d39b3a8ce2"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 7kt4FCTh_reFWOyYLoOdtK7eAHdpzAz4t8QHKae18LvLAkiRvphFnw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28627
x-xss-protection: 0
server: sffe
etag: "1327 / 646 of 1000 / last-modified: 1662635110"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Sep 2022 11:29:27 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 207ms
37ms XHR
application/json 34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F5D11253512D2B170A490D45%40AdobeOrg&d_nsid=0&ts=1662636567056

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7fa11c309a706d09eface346a5ad7fdeb7e98fdfa71ee3ce733cfd8b06f78b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v039-088076b74.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 1YdbJTLjSsA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.stuff.co.nz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 748
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX25d20b7db7d9432e9825e136cd776302-libraryCode_source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 60 KB
21 KB 11ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/EX25d20b7db7d9432e9825e136cd776302-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99a42e69ccec698d9be89d17d7cb3efa693436bd3422b9a038919a8a878128d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 21382
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1647
date: Thu, 08 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 13:02:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
stuffnz-sydney.gscontxt.net/main/ 224 B
302 B 1067ms
261ms Script
application/javascript 152.67.116.253
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://stuffnz-sydney.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 152.67.116.253 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: cf38d19d37a13789e99300f5fa0110a86c4d9b3ec76d30a5a731ba72314b45b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

GET
H2 200 app.js Show response
cdn.kdaimo.com/stuff-198652/ 9 KB
4 KB 76ms
7ms Script
application/javascript 52.222.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kdaimo.com/stuff-198652/app.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fbf6dbda27863e94305c9a5b26d276bfbb627f7a34a4b0de1e3ee6a6d15fdeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: vaj8jMvZHN7ypgWwU.4jGcJdlZCqtZzK
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 08:19:00 GMT
server: AmazonS3
age: 28344
etag: W/"a1586f9b91059477f2143b249f820258"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Thu, 08 Sep 2022 03:37:04 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: yNpxinUU0voyKSt9QTMjpuya9z_EMZfaFpG3k-5ZLddKrOevkEwVqw==

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 62ms
26ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R7WJTMY5Y63P6NYY
x-amz-id-2: xxxz/2IRc/Ao8ETgX+LQkBlgirZ+qooK7KLztg1Zngaa8ePtjsom288KkB6Tw8My+IWL15okRFM=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Um%2FzW5CU%2BIo6O3Psxjdjo6QEsajuyUWEAyaSqZYN98ASuNPgmpy0ODlq1%2F5qGBldRX%2Blzpoh0vOjTG%2BYsTRazjadLsuRFn%2BKzZL50OSACK9rdPBuZnQvBhI4IbKABMmXnja2vK62VRhhdijIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 747758b0a96790d6-FRA

GET
H2 200 stuff.js Show response
cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/ 6 KB
3 KB 57ms
22ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/stuff.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fcb4ddd51c77676d524222345c107a2832c4b8a35c45941071ea19f2861135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 11:06:05 GMT
server: cloudflare
age: 1402
cf-polished: origSize=5844
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bld7ZnnQZJ1caEB26Pr3mK%2B%2B%2BAA1Qoo3W9T9ZLGu8izVQF4lridxrACw0KhhVh%2FvpPK7VcPbQYn5y3fJ5IqnxOZmwxJSCBpf4fIacGuRDBmMGIS0wgPqOtI2eL0vv3kXvCh2Wmmrr8VH3i7kWinfot%2Br"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747758b0a9586997-FRA
cf-bgj: minify

GET
H2 200 STUFFSANSWEB-Light.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 32 KB
32 KB 38ms
38ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Light.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 6becd77411e34f8dcd313296ae9e181664a3b3cc0a044b38e1534dea05336087

Request headers

Referer: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:54 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "81f24298f33f81f2bfe8a812634cc2dd"
x-varnish: 153111627 90555007
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 32732
expires: Fri, 08 Sep 2023 11:29:27 GMT

POST
H2 200 / Show response
o68184.ingest.sentry.io/api/150508/envelope/ 2 B
277 B 65ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o68184.ingest.sentry.io/api/150508/envelope/?sentry_key=f9b3dddbd86e4cf191a09137f4ce9efa&sentry_version=7

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.stuff.co.nz
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82411ccd8cd8814825970283d58f132cc2baa464062aa0e5fae2132ab9aee2ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 STUFFSANSWEB-Italic.woff2
www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/ 36 KB
36 KB 24ms
23ms Font
binary/octet-stream 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans/WOFF2/STUFFSANSWEB-Italic.woff2
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: e66cccb6fd64ae7c7e428900129c22644e340286024b3e0bcce8b94432745e7b

Request headers

Referer: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Origin: https://www.stuff.co.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 0
last-modified: Tue, 17 May 2022 03:44:44 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: "e1b8b712f979ad8fc5b4d240e93e87b7"
x-varnish: 143044028 75227291
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 36496
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 50ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:300,700

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e7888ff0f09652a80767bad958aaec1cde6d63b3fc958d9cb7d2467bb867ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 11:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 11:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 11:29:27 GMT

GET
H2 200 standardbyline.css
interactives.stuff.co.nz/2022/rebrand/ 1 KB
722 B 40ms
32ms Stylesheet
text/css 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://interactives.stuff.co.nz/2022/rebrand/standardbyline.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 278146e898fab9a0e0a48a19c65a730c2b94a5492a03a621eef220e26712700b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 21:28:46 GMT
server: AmazonS3
etag: "62e093a3d53613c68306693462f74234"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
content-length: 524
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 top-pullar-7df13930.jpg
static3.stuff.co.nz/ 91 KB
92 KB 79ms
28ms Image
image/jpeg 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.stuff.co.nz/top-pullar-7df13930.jpg
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d6cb4bcf91fb483d6f958f9aec072249aa112f73fca03695a61e8cc98bd8246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
last-modified: Sun, 22 May 2022 20:18:10 GMT
server: AmazonS3
x-amz-request-id: Q5BMQWEZB3B5XV0Z
etag: "82e1f96adb08c7230bf2c92accc918f4"
x-amz-meta-width: 400
content-type: image/jpeg
cache-control: max-age=22150351
x-amz-meta-height: 400
accept-ranges: bytes
content-length: 93353
x-amz-id-2: z375bzaaEwgRckB8T+ImlcxK8MzBOqVvlV5x++hYvQCE/iz0qwwmSZmywmdMoPW+hZiesGe/mRg=
expires: Mon, 22 May 2023 20:21:58 GMT

GET
H2 200 stuff-sans.css
www.stuff.co.nz/static/spade/fonts/ 5 KB
721 B 23ms
23ms Stylesheet
text/css 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/spade/fonts/stuff-sans.css
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 452
x-esi-enable: 0
last-modified: Tue, 17 May 2022 04:11:23 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"8783ea926fd6938471a3adee7992b39b"
vary: Accept-Encoding
x-varnish: 122399417 100822627
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: text/css
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 openid-configuration Show response
my.stuff.co.nz/.well-known/ 3 KB
2 KB 138ms
23ms XHR
application/json 2a02:26f0:ea:4a6::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stuff.co.nz/.well-known/openid-configuration

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:4a6::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aabf2045079740c4cd6d94f34fbf93ba309ba700153beff2afa134c032fc5e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY, DENY
content-language: en-NZ
access-control-allow-origin: *
cache-control: must-revalidate, max-age=7200
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
content-length: 835
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 13:29:27 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 77ms
15ms Script
application/x-javascript 13.32.110.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-98.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 35818
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Thu, 08 Sep 2022 03:56:15 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: VIE50-C2
content-type: application/x-javascript
x-amz-cf-id: O90yeveQw3p7HRPE5uC-rHqvf9uE9cqSzBvKGg7hhY4RKd_ugk7WrQ==

GET
H2 200 PEC098A72-33DD-408F-96BF-B1E81199868C.js Show response
cdn-gl.imrworldwide.com/conf/ 28 KB
7 KB 51ms
9ms Script
application/javascript 2600:9000:236e:8000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PEC098A72-33DD-408F-96BF-B1E81199868C.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5c24b4ea797b4578b5e62a0b549058f81130f4c360afc4b113d013053df318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: L89WTbv2nMKXuzKb4wOYusAywbpuUu80
content-encoding: gzip
etag: W/"b5f202e92de2a59d308bd4774e7eb736"
last-modified: Thu, 08 Sep 2022 03:19:22 GMT
server: AmazonS3
age: 2755
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 08 Sep 2022 10:46:57 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Dvp8YDipnyHhIINiTDijPjpnDRA4iR5tsKRIr2p6RfjmHToRmTCqdA==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

8ms
8ms

Script
application/javascript

2600:9000:236e:8000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2600:9000:236e:8000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
etag: W/"3bad78b036ef952c6ace672b2251b459"
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
age: 27552
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 08 Sep 2022 03:50:16 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: URtkENGGd2cDwJzNZ8Tvii8f3Jh8lpfr2ES_b6FxoGoiaoZCg-QQHw==

Redirect headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: MYiM2H2Ke2PNgBJ4vFoJL2Rk9DP8vuRKb5HxUcc0qi42eGtdqiUZ2Q==

GET
H2 200 load Show response
experience-au.piano.io/xbuilder/experience/ 5 KB
2 KB 63ms
25ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience-au.piano.io/xbuilder/experience/load?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5cada74514ea791cf21ea5c1500de5fc08454e947f0aea484b8e5ef2ce4ea18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2517
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: K6n0whrCxcP
wn: prod-au-exp-10-1-2-134
last-modified: Thu, 08 Sep 2022 10:47:30 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 747758b1bbc7bbd7-FRA
expires: Thu, 08 Sep 2022 11:59:27 GMT

GET
H2 200 neighbourly-stuff-widget-init.js Show response
cdn.neighbourly.co.nz/js/ 7 KB
7 KB 100ms
15ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neighbourly.co.nz/js/neighbourly-stuff-widget-init.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1d858cbffd70b52bf6b006f81d7616c495d26830775b826d82e5cbe42a66a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 2584855
x-cache: HIT, HIT
content-length: 7140
x-amz-id-2: pFFKCw9qEbfYmk3jRAYN674rQSKD+jSnggk4bsO5JjjOnYoO2GIk+KBpSEAaIgSlbnyZT5W5VDU=
x-served-by: cache-akl10328-AKL, cache-hhn4041-HHN
last-modified: Mon, 11 Apr 2022 07:57:14 GMT
server: AmazonS3
x-timer: S1662636567.368743,VS0,VE1
etag: "45f09beeb97c3038dcda66755ae99d88"
x-amz-request-id: 65W9CCD5CA25X9PH
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 294485, 1

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 48ms
11ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9d73ef96b9d0d9d2e2f4a8c2133eac7bd5fc9e3e0ec952a7d383e44a4b677db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 09:16:31 GMT
content-encoding: gzip
age: 7976
x-guploader-uploadid: ADPycdt3q1Up6IMxImyWtNw4h9M-6ECrC3IalydA9kI-SbIaBPZaHFi1y3DI5LQj4qUqGaIfQFP8Qib4pkdxkgigmA7Y0njYltKE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22509
last-modified: Wed, 19 Jan 2022 01:42:06 GMT
server: UploadServer
etag: "1dfd79b4ef7eb5438a7553c1e91a8755"
x-goog-hash: crc32c=FsLJcA==, md5=Hf15tO9+tUOKdVPB6RqHVQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1642556526050451
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22509
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 09 Sep 2022 09:16:31 GMT

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 420ms
90ms Image
image/gif 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=0078c40ea964a99524a9e6feea5ac19649
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:27 GMT
Cache-Control: no-cache
X-TraceId: 730b23839178ea19b89dc852da14d729
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK dest5.html Show response
fairfax.demdex.net/ Frame DF1D 7 KB
3 KB 186ms
31ms Document
text/html 52.215.111.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fairfax.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-111-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v039-0f286e29e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Bi9Tr2t/Re4=
content-encoding: gzip
date: Thu, 8 Sep 2022 11:29:27 GMT
last-modified: Tue, 6 Sep 2022 11:03:24 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YxnSFwAAAFF-nAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41558262232658943410482505444082331384
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxnSFwAAAFF-nAN-

42 B
942 B

37ms
37ms

Image
image/gif

34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxnSFwAAAFF-nAN-

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0b54e41db.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZlG+bFSuT3g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxnSFwAAAFF-nAN-
Date: Thu, 08 Sep 2022 11:29:27 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
fairfaxnz.tt.omtrdc.net/rest/v1/ 352 B
717 B 138ms
40ms XHR
application/json 52.30.241.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fairfaxnz.tt.omtrdc.net/rest/v1/delivery?client=fairfaxnz&sessionId=37176587cf7b4da6ac6c04f37051ab3a&version=2.3.3
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.241.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-241-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ce37160cbea725a559df460411c8e3f5995430bf35d9a792ab7ed38ef6db08df

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.stuff.co.nz
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 045521f3e2bc52209ab1e2168a28d4a4

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 RC4048bcc2fe11411f8017a6dbfbb87a14-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 708 B
700 B 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC4048bcc2fe11411f8017a6dbfbb87a14-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f150e1bbb75e086a62af5776f3d2a4a4da21e42f7d736904b3daf59f7ab0d8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 434
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 RC547aaccc21c34cc58a30baa19a642b74-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 1 KB
884 B 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC547aaccc21c34cc58a30baa19a642b74-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 71bb74021340ca7d325619d0d0da90651add48bc4c627a4c60219fda7fc40a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 618
expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 prebid-6.6.0.js Show response
www.stuff.co.nz/static/prebid/ 336 KB
103 KB 24ms
23ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/prebid/prebid-6.6.0.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-header-bidding/latest/stuff-header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 7d0b5690d943eeec5db9b0344f07d4faf581c1f9452790fbab40ad4c11e78b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 105288
x-esi-enable: 0
last-modified: Tue, 11 Jan 2022 19:58:52 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"ff7b5da47802875cad559005698b70de"
vary: Accept-Encoding
x-varnish: 212961565 189139465
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H2 200 1624943285240.jpg
resources.stuff.co.nz/content/dam/images/4/y/s/u/d/b/image.related.StuffLandscapeSixteenByNine.1240x700.22rvh5.png/ 76 KB
77 KB 52ms
9ms Image
image/jpeg 151.101.2.227
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.stuff.co.nz/content/dam/images/4/y/s/u/d/b/image.related.StuffLandscapeSixteenByNine.1240x700.22rvh5.png/1624943285240.jpg?format=pjpg&optimize=medium

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.227 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

NZCMS /

Resource Hash

48c6d12327593c8395849eaaa62a016dd10711495824a90ca550a5aafeb06d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 varnish, 1.1 varnish
age: 1752751
x-cache: HIT, HIT
fastly-io-info: ifsz=88543 idim=1240x697 ifmt=jpeg ofsz=78109 odim=1240x697 ofmt=jpeg
fastly-stats: io=1
content-length: 78109
x-served-by: cache-akl10333-AKL, cache-hhn4021-HHN
x-esi-enable: 0
server: NZCMS
x-timer: S1662636567.459034,VS0,VE2
x-cache-origin: MISS:Varnish
etag: "rBz45zysp3fhda/hoacjdluXw7HQr46uKegxV4/QSZs"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 client-location.js Show response
www.stuff.co.nz/static/scripts/stuff-plugins/client-location/1.0.1/ 269 B
486 B 26ms
25ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/scripts/stuff-plugins/client-location/1.0.1/client-location.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: b7fb9afe7b176646cc40746bc22781db9ff7db6bfaa0a4578f82bd74d4912456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
x-esi-enable: 1
server: S3
etag: W/"91551206f4feb50d8b9c53c097b6d7a6"
vary: Accept-Encoding
x-varnish: 977277205 286389187
access-control-allow-origin: *
cache-control: max-age=7200
content-type: application/javascript
content-length: 269
expires: Thu, 08 Sep 2022 13:29:27 GMT

GET
H2 200 nativform-all.min.js Show response
sdk.ffxpub.com/web/v3/3.1.10/ 75 KB
20 KB 60ms
8ms Script
application/javascript 2600:9000:223e:6000:1e:9232:ebc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ffxpub.com/web/v3/3.1.10/nativform-all.min.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-adfliction/latest/stuff-adfliction.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6000:1e:9232:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b8b88196f15352c2c5fd6411ae1da28f72cc1ed3cbf26a13eef570d2d9b101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:01:20 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:47:57 GMT
server: AmazonS3
age: 30488
etag: W/"cbed1c09321bb7f2d1357e160b9b33b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 3lBBKPzScIMlelQpZ1XPuIYYl1K3KslAREPFVQjv9sbJiP4nCVyTTg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 18ms
17ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1378135538&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&ul=en-us&de=UTF-8&dt=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online%20%7C%20Stuff.co.nz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1077155148&gjid=105076521&cid=326823617.1662636567&tid=UA-1056754-1&_gid=945875199.1662636567&_r=1&_slc=1&z=2049166100

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stuff.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom_button Show response
dashboard.presspatron.com/websites/153/ Frame 3E44 259 B
782 B 8ms
8ms Document
text/html 18.66.147.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/websites/153/custom_button

Requested by

Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/dev/banner?b=TJu26zZFBKa635NQ13AZRn8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-88.fra60.r.cloudfront.net

Software

Resource Hash

01a02851049854d2d7e2ce81446cabdd55afe68b68bdd7ee09be35bc3dc504ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31750
cache-control: max-age=86400, public
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 02:40:17 GMT
etag: W/"01a02851049854d2d7e2ce81446cabdd"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id: e9XFDEpV_u_re59UNG6jwXHngpfnOO5E8xtBad7Bl6td5MZEX0G3jQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 1f40a010-ae39-4677-a6d0-96b0fb6446c9
x-runtime: 0.002198
x-xss-protection: 1; mode=block

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 42 KB
14 KB 17ms
16ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0cf2cb43-ab90-48b9-94fa-f5bf6ebdd0ed&toploc=www.stuff.co.nz
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/28a8e7a75ebc4c80a43b7dcd8c12b39a/stuff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6200739690705845c8c84e0c50795221872b62623a68106f19d9793d6a434636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 10:50:18 GMT
server: cloudflare
age: 2349
cf-polished: origSize=44111
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJaXBae1VNyvnij3VF49Q2QzvkjMEzmJbB%2FFG2ds8drUVhInatD%2Fedfqas9ohaDvYCoVEvt88wSf27fUAEq3l9f%2F%2Fohbn3AzxyM42kHJiA2s0HOpm501s7fjKk4Q0gdNAjQ%2FHhv1ggqCRotrJTPrNUmZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747758b26c466997-FRA
cf-bgj: minify

GET
H2 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 45ms
7ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 10:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Sep 2023 10:53:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 177 B
756 B 78ms
42ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stuff.co.nz

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

11d6af78e66283ece20bc13c4439f9beea0cac411e9ac90ee81f74ce290bf2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
expires: Thu, 08 Sep 2022 11:29:27 GMT

GET
H/1.1 200
OK d3d3LnN0dWZmLmNvLm56 Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 88ms
16ms XHR
application/json 23.202.54.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnN0dWZmLmNvLm56
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.54.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-54-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:27 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=8124
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3c227982c909c52cbf0b0302f6b43425
Content-Length: 16
Expires: Thu, 08 Sep 2022 13:44:51 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 29ms
16ms Image
image/gif 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 08 Oct 2022 11:29:27 GMT

GET
H2

200

signin-callback.html Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/ Frame F30A
Redirect Chain

https://my.stuff.co.nz/authorize?client_id=6380a421-afcd-45b4-b9ab-393d3f105da3&redirect_uri=https%3A%2F%2Fwww.stuff.co.nz%2Fstatic%2Fstuff-login-browser-sdk%2F1.2.3%2Fcallback%2Fsignin-callback.ht...
https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb84826...

229 B
934 B

33ms
33ms

Document
text/html

2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

S3 /

Resource Hash

33def4d457d490ce89b5e6be3dcf904c25d03a50dd7f7a65237f395d7161b5e4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 229
content-security-policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/
content-type: text/html
date: Thu, 08 Sep 2022 11:29:27 GMT
etag: W/"87597ea852799e4231ddd983159493b6"
expires: Fri, 08 Sep 2023 11:29:27 GMT
server: S3
vary: Accept-Encoding
x-cache-origin: MISS:Varnish
x-esi-enable: 1
x-varnish: 691634614

Redirect headers

content-length: 0
date: Thu, 08 Sep 2022 11:29:27 GMT
location: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069

GET
H2

200

s76035605437006
fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/
Redirect Chain

https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=https%3A%2F%...
https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=ht...

43 B
308 B

20ms
20ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c.&getPercentPageViewed=5.0.1&handlePPVevents=4.0&p_fo=3.0&getPreviousValue=3.0&getPageLoadTime=2.0.1&performanceWriteFull=1.0&performanceWritePart=1.0&performanceCheck=1.0&.c&events=&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 11:29:27 GMT
server: jag
etag: 3570484841479372800-4619435539585576718
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: image/gif;charset=utf-8
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 11:29:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 11:29:27 GMT
server: jag
access-control-allow-origin: *
vary: Origin
p3p: CP="This is not a P3P policy"
location: https://fairfaxnzstuffoverallproduction.112.2o7.net/b/ss/fairfaxnz-stuffoverall-production/1/JS-2.17.0/s76035605437006?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F8%2F2022%2011%3A29%3A27%204%200&ce=UTF-8&g=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c.&getPercentPageViewed=5.0.1&handlePPVevents=4.0&p_fo=3.0&getPreviousValue=3.0&getPageLoadTime=2.0.1&performanceWriteFull=1.0&performanceWritePart=1.0&performanceCheck=1.0&.c&events=&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 11:29:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1056754-1&cid=326823617.1662636567&jid=1077155148&gjid=105076521&_gid=945875199.1662636567&_u=IEBAAAAAAAAAAC~&z=2097023348

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 11:29:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.stuff.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 9ms
9ms Script
application/javascript 2600:9000:236e:8000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PEC098A72-33DD-408F-96BF-B1E81199868C.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
age: 210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
date: Thu, 08 Sep 2022 11:25:58 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: e9fsiFpIfXRXCv5uWwa0zllF5_o7RGPu7JY6tK4J4vFpVSdi3bw5tw==

GET
H2 200 tinypass.min.js Show response
code.piano.io/api/ 324 KB
94 KB 39ms
26ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.piano.io/api/tinypass.min.js

Requested by

Host: experience-au.piano.io
URL: https://experience-au.piano.io/xbuilder/experience/load?aid=ooaGPZ28pa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fde9277e699de5f4419f378e798a3a4ddbfd429b9b6a466b64d9b2ef8526a55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13607
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: XS0QVS5R7J1R5PPS
x-amz-id-2: PzNR0wH5X+RqUWuxJn3PTYgJqhpy2NI4XbW0EWKe7Wkj/kX3sAHWns4Y3PosjYWJFnKQXvogS1I=
last-modified: Wed, 07 Sep 2022 07:35:20 GMT
server: cloudflare
etag: W/"f2c903915e3b113518e26ede467035b1"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-version-id: 4lbnnZZJ_PFJVTSqGUiQejFbkHmsr40v
cf-ray: 747758b2fe39bbd7-FRA
expires: Thu, 08 Sep 2022 15:29:27 GMT

GET
H2 200 analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js Show response
d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/ Frame 3E44 367 B
736 B 60ms
9ms Script
application/javascript 2600:9000:223d:8e00:1b:11ff:f600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js
Requested by: Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/websites/153/custom_button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8e00:1b:11ff:f600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86e4cea7590220e8b29905c5a92057f3e98d11f8e225a1e0ca762a1c83e6d8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 03:48:31 GMT
server: AmazonS3
age: 20864
etag: "d4942a08aa647f1e5c41ee5eb3a2220c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952
date: Thu, 08 Sep 2022 05:41:56 GMT
x-amz-cf-pop: FRA56-P3
content-length: 367
x-amz-cf-id: 0zwCQOR3HQTELYeZkok01Rmu9SOerdpa6uPpvR_XRZ9xlAx20xr8Xw==

GET
H2 200 aax.js Show response
c.aaxads.com/ 474 KB
121 KB 119ms
43ms Script
text/javascript 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX76609S&hst=www.stuff.co.nz&ver=1.2

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c43f0bab4c9b71e46c8051079e4bd98cbe627ccedd66c9bcaee69d11d7301249

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Thu, 08 Sep 2022 11:29:27 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 08 Sep 2022 11:59:27 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/stuff.co.nz/ 74 KB
26 KB 38ms
8ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/stuff.co.nz/p.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 635a136e36d4a58ca3d882b71061c4764b613fe4361ea61b22dade8abda2c4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Sep 2022 02:35:58 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 18:45:41 GMT
server: nginx
age: 32009
etag: W/"611177d5-126a4"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 0iC2a1Jl__8a6kTxThF1Vy00lpsC0LR00kNHsv2oaPtgYOFPHxFOnQ==
expires: Fri, 09 Sep 2022 02:35:58 GMT

OPTIONS
H2 204 event
events.apester.com/ Frame 0
0 177ms
119ms Preflight 35.227.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://events.apester.com/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.201.100 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 100.201.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.stuff.co.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: OPTIONS,OPTIONS
access-control-allow-origin: https://www.stuff.co.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 google

POST
H3 202 event Show response
events.apester.com/ 0
14 B 137ms
119ms XHR
text/plain 35.227.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://events.apester.com/event

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.201.100 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

100.201.227.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
date: Thu, 08 Sep 2022 11:29:27 GMT
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.stuff.co.nz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 70ms
44ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1056754-1&cid=326823617.1662636567&jid=1077155148&_u=IEBAAAAAAAAAAC~&z=907996057

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 70ms
45ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1056754-1&cid=326823617.1662636567&jid=1077155148&_u=IEBAAAAAAAAAAC~&z=907996057

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 channel Show response
adfeeds.stuff.co.nz/v1/ 243 B
517 B 1437ms
1401ms XHR
application/xml 151.101.66.227
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://adfeeds.stuff.co.nz/v1/channel?v=1&p=desktop&s=/business/null/null/null/null&l=/International&pt=article
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.227 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f0d674f0ca536185172d956cda40c55c969b4dcfa3bd019f667aaae684692c4d

Request headers

Accept: */*
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
via: 1.1 varnish
x-timer: S1662636568.640053,VS0,VE1394
x-served-by: cache-hhn4046-HHN
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: MISS
accept-ranges: bytes
fastly-restarts: 1
x-cache-hits: 0

GET
H/1.1 200
OK config-nativform-article-mobileweb-v1.json Show response
adapi.stuff.co.nz/adcontrol/config/ 430 B
989 B 1194ms
297ms XHR
application/json 3.105.141.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adapi.stuff.co.nz/adcontrol/config/config-nativform-article-mobileweb-v1.json
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.141.111 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-141-111.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3207d12eddcd5a7207fa64a26747eb2bc81a7544d2f871abe2e5424895100966

Request headers

Accept: */*
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:28 GMT
Last-Modified: Sun, 08 Apr 2018 21:48:48 GMT
Server: nginx
ETag: "842844853d50938be214b5c55a4615c5"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=60, public
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 430
Expires: Thu, 08 Sep 2022 11:30:28 GMT

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame E223 11 KB
4 KB 104ms
103ms Document
text/html 2600:9000:223c:e400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 11:29:27 GMT
etag: W/"62f143e3-2b27"
last-modified: Mon, 08 Aug 2022 17:12:03 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id: fSm4Rs3uKyvhac7Oh6T_A5YZZUvp1BWd-jVMyzooe9ec_hmMRwo8QQ==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront

GET
H2 200 get.js Show response
buy-au.piano.io/api/v3/anon/captcha/ 153 B
273 B 34ms
25ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=ooaGPZ28pa

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda1d957a50af4fd0ca8e7740f4e8964d915265b69814f87c86d33f4df22af15

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 158
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Kpg2whrHUe6
pragma
wn: prod-au-dash-10-1-4-44
last-modified: Thu, 08 Sep 2022 11:26:49 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=14400
cf-ray: 747758b3effdbbd7-FRA
expires: Thu, 08 Sep 2022 15:29:27 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 41ms
12ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Thu, 08 Sep 2022 12:29:27 GMT

POST
H2 200 execute Show response
c2-au.piano.io/xbuilder/experience/ 10 KB
3 KB 1065ms
1054ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-au.piano.io/xbuilder/experience/execute?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ad4a5fcdaa28afc0e850112a53a64e23eb10ae90b2d312a3f0140a7171a24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: sm7bfcwhoz
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.stuff.co.nz
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 747758b3f813bbd7-FRA

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3E44 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d867x8xq12ag.cloudfront.net
URL: https://d867x8xq12ag.cloudfront.net/v1.6.1-41-gc542807f/assets/analytics-d638025feae8bf2e59655e6dc360d52f950aedf8a393c057e60a880c53e438ff.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1647
date: Thu, 08 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 13:02:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame C9E8 12 KB
4 KB 9ms
8ms Document
text/html 2600:9000:236e:8000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 590
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 11:19:38 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
x-amz-cf-id: ZJZ7GoW4Iq4--v-hwv0cUKMi269wAdnDwvA4xdDqYAKQAxWIS_v45A==
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=219443204268001752750
dpm.demdex.net/ Frame DF1D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=41558262232658943410482505444082331384
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219443204268001752750

42 B
942 B

42ms
41ms

Image
image/gif

34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=219443204268001752750

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0302e3fc5.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lrttwk+HRcw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
server: AAWebServer
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=219443204268001752750
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 161ms
32ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1662636567689&plid=99396836&idsite=stuff.co.nz&url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22user_type%22%3A%5B%22FlyBys%22%5D%7D&sid=1&surl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sref=&sts=1662636567685&slts=0&title=Ransomware+attack%3A+Waikato+DHB+supporting+patients+after+documents+dumped+online+%7C+Stuff.co.nz&date=Thu+Sep+08+2022+11%3A29%3A27+GMT%2B0000+(GMT)&action=pageview&pvid=325372&u=pid%3De03fdb3f76c380e38095588823357808
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:27 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 08-Sep-2022 11:29:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
220 B 8ms
7ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 08 Sep 2022 11:29:27 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=565513
accept-ranges: bytes
content-length: 43
expires: Thu, 15 Sep 2022 00:34:40 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
342 B 49ms
7ms Image
image/gif 23.205.239.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-239-15.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 08 Sep 2022 11:29:27 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=683524
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 16 Sep 2022 09:21:31 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 91 KB
29 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:17:53 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29505
Expires: Thu, 08 Sep 2022 12:29:27 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame C9E8 44 B
721 B 295ms
34ms Image
image/gif 54.75.143.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PEC098A72-33DD-408F-96BF-B1E81199868C&sessionId=5pscixrq8sowctgzaplifoconwfeq1662636567&c16=sdkv,bj.6.0.0&uoo=&fp_id=rh3omzc3yprc2s5vu5m9xjcg1fpuh1662636567&fp_cr_tm=1662636567671&fp_acc_tm=1662636567671&fp_emm_tm=1662636567671&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.143.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-143-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:28 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com/ Frame C9E8 35 B
351 B 57ms
7ms Image
image/gif 2600:9000:223f:2c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com/
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:19:24 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 33005
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: zscxvmsPYsVl4wITn2_QTV_omBaqOADLglKvsHYL8FhbA_5wdKtDqQ==

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Franso...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Franso...

44 B
751 B

100ms
100ms

Image
image/gif

2600:9000:223c:e400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-c83cbc9531ff825ee63d71de60096e7e&ja=1
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2600:9000:223c:e400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: NyDf9WIMeT_xtHzGJaRgoSKzLoeC9mi_9jSUw0PuGk6lPV9QylNg2Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 0
pragma: no-cache
access-control-allow-origin: *
server: nginx
access-control-allow-methods: POST, OPTIONS
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1662636567747&ci=nz-stuff&js=1&cg=0&ts=p.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&sr=1600x1200&id=lstrg-c83cbc9531ff825ee63d71de60096e7e&ja=1
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: M0_PkC61UbwZ90TgGQx9k_hV2_IIrXi6Md6GB8YNcVODUFzIF7mL5Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 217ms
159ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&idx=0&rand=4073&key=NANOWDGT01&widgetJSId=AR_15&va=true&et=true&format=html&adblck=false&abwl=false&px=225&py=5360&vpd=4160&cw=782&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000877&sig=CwbtIJ4o&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 649cbacad711d96b315d708ba7f39c3670ea191df40784666ca1917ca39d0b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1662636568.812962,VS0,VE125
accept-ranges: bytes
x-served-by: cache-lga21942-LGA, cache-fra19171-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: d35e118f77b4a2be8bb434f4a3eb74db
content-encoding: gzip
content-length: 1129
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame DF1D
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41558262232658943410482505444082331384
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41558262232658943410482505444082331384&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
332 B

107ms
7ms

Image
image/gif

2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AZySIRC+ITD/ATYBAA
x-accel-expires: @1663594006
date: Thu, 08 Sep 2022 11:29:27 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: ArlsDD92QkQ
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 79361
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Thu, 08 Sep 2022 11:29:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 68ms
55ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=69&dgw=desktop&flg=AAX76609S&fw=NURNBERG&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=stuff.co.nz&vhuyqdph=ssp-serving-6c4d85c8c9-d4m94&vyu=090809_440_090512_390_ssp&vf=BY&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001662636567724013651816962668&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=68&fhqg=15&hqg=22&gvwduw=16&fvwduw=15&vwduw=15&uhtxuo=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&nzui=
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-241-117.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:27 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 08 Sep 2022 11:29:27 GMT

GET
H2 200 stuff-login-sdk.js Show response
www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/ Frame F30A 322 KB
87 KB 33ms
33ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: S3 /
Resource Hash: 286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/callback/signin-callback.html?error=login_required&state=3d94a0d0cea64562936cc8f1a2f91e70&session_state=6ab66c603c14b2f9afbc6939fcb8482668cdf06992d619cf2f55221ecbaac131.805472069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
content-length: 88598
x-esi-enable: 0
last-modified: Wed, 19 May 2021 02:37:50 GMT
server: S3
x-cache-origin: HIT:Varnish
etag: W/"f73b63b9788f2f623698b107ed61ddba"
vary: Accept-Encoding
x-varnish: 352248230 325443964
access-control-allow-origin: *
cache-control: public, max-age=31536000
referer
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 08 Sep 2023 11:29:27 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame DF1D 0
214 B 62ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=41558262232658943410482505444082331384&gdpr=0&gdpr_consent=
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 session-management Show response
my.stuff.co.nz/ Frame E5A1 921 B
2 KB 330ms
329ms Document
text/html 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stuff.co.nz/session-management

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/static/stuff-login-browser-sdk/1.2.3/stuff-login-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e4fd00c3e8d4acb8eb8bd5cd63cb87f634a0661810742a2525d75e2d4bbded58

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.facebook.net https://.nr-data.net https://.gigya.com https://.eu1.gigya.com https://.us1.gigya.com https://secure-nz.imrworldwide.com https://.demdex.net https://.newrelic.com https://.googletagservices.com https://.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://.googlesyndication.com https://apis.google.com
X-Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.facebook.net https://.nr-data.net https://.gigya.com https://.eu1.gigya.com https://.us1.gigya.com https://secure-nz.imrworldwide.com https://.demdex.net https://.newrelic.com https://.googletagservices.com https://.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://.googlesyndication.com https://apis.google.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: en-NZ
content-length: 469
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.nr-data.net https://*.gigya.com https://*.eu1.gigya.com https://*.us1.gigya.com https://secure-nz.imrworldwide.com https://*.demdex.net https://*.newrelic.com https://*.googletagservices.com https://*.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://*.googlesyndication.com https://apis.google.com
content-type: text/html;charset=UTF-8
date: Thu, 08 Sep 2022 11:29:28 GMT
expires: 0
pragma: no-cache
vary: Accept-Encoding
x-akamai-transformed: 9 552 0 pmb=mTOE,2
x-content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.nr-data.net https://*.gigya.com https://*.eu1.gigya.com https://*.us1.gigya.com https://secure-nz.imrworldwide.com https://*.demdex.net https://*.newrelic.com https://*.googletagservices.com https://*.googleadservices.com https://adservice.google.co.nz https://adservice.google.com https://hello.myfonts.net https://securepubads.g.doubleclick.net https://*.googlesyndication.com https://apis.google.com
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 403ms
90ms Fetch
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=959fead99eca2c3d6622096b6a9d5f60_5244_1662636567887&tm=525&eT=6&wRV=2000877&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: gzip
X-TraceId: 6ed096a0a1de1842d3014f0f20bbac4f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 skyLander.js Show response
widgets.outbrain.com/nanoWidget/2000877/module/ 2 KB
2 KB 18ms
18ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000877/module/skyLander.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 66d64ecd956174bddcffdc71bdc1e8370638915731779ae7c8b396b1f5b8cb4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 11:45:32 GMT
server: AkamaiNetStorage
etag: "73281901dde2a7d1e6a60bc7e7c14446:1662562583.58098"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1228
expires: Thu, 08 Sep 2022 15:29:27 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022090811292800011180120611
dpm.demdex.net/ Frame DF1D
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=41558262232658943410482505444082331384&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090811292800011180120611

42 B
942 B

37ms
37ms

Image
image/gif

34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090811292800011180120611

Protocol

HTTP/1.1

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0ee26276a.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bkiZUJqiSVE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022090811292800011180120611
pragma: no-cache
date: Thu, 08 Sep 2022 11:29:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 08 Sep 2022 11:29:28 GMT

POST
H2 200 pixel_320f0bdb Show response
www.stuff.co.nz/akam/13/ 0
600 B 25ms
25ms XHR
text/html 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stuff.co.nz/akam/13/pixel_320f0bdb
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 11:29:27 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEMDxWuiDeWto3RecRNEWzh4&google_cver=1
dpm.demdex.net/ Frame DF1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE1NTgyNjIyMzI2NTg5NDM0MTA0ODI1MDU0NDQwODIzMzEzODQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE1NTgyNjIyMzI2NTg5NDM0MTA0ODI1MDU0NDQwODIzMzEzODQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDxWuiDeWto3RecRNEWzh4&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

36ms
36ms

Image
image/gif

34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDxWuiDeWto3RecRNEWzh4&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online

Protocol

HTTP/1.1

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0d3cc2fc9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Jl2w+aQXQ+Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDxWuiDeWto3RecRNEWzh4&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DF1D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=41558262232658943410482505444082331384
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41558262232658943410482505444082331384

0
338 B

143ms
28ms

Image
text/plain

54.76.58.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41558262232658943410482505444082331384
Protocol: H2
Server: 54.76.58.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-58-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1662636568
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41558262232658943410482505444082331384
date: Thu, 08 Sep 2022 11:29:28 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H2 404 320f0bdb
my.stuff.co.nz/akam/13/ Frame E5A1 0
0 24ms
21ms Script
text/html 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.stuff.co.nz/akam/13/320f0bdb
Requested by: Host: my.stuff.co.nz
URL: https://my.stuff.co.nz/session-management
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.stuff.co.nz/session-management
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-length: 9
content-type: text/html

GET
H2 200 crypto-js.min.js Show response
my.stuff.co.nz/js/sessionManagement/ Frame E5A1 47 KB
17 KB 33ms
31ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.stuff.co.nz/js/sessionManagement/crypto-js.min.js
Requested by: Host: my.stuff.co.nz
URL: https://my.stuff.co.nz/session-management
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.stuff.co.nz/session-management
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 01:45:58 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3526592
accept-ranges: bytes
content-length: 16253

GET
H2 200 sessionManagement-1a4f0e5bb1523762a6a2a7c60c9c11cf.js Show response
my.stuff.co.nz/js/sessionManagement/ Frame E5A1 3 KB
2 KB 42ms
39ms Script
application/javascript 2a02:26f0:ea:482::3871
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.stuff.co.nz/js/sessionManagement/sessionManagement-1a4f0e5bb1523762a6a2a7c60c9c11cf.js
Requested by: Host: my.stuff.co.nz
URL: https://my.stuff.co.nz/session-management
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:482::3871 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ecf5cbe631f042bebb2e8bde0b900b2c1aff87a18c56d49979cf16f6cd7b1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.stuff.co.nz/session-management
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 01:26:46 GMT
etag: "1a4f0e5bb1523762a6a2a7c60c9c11cf"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=11625670
accept-ranges: bytes
content-length: 1087

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame DF1D
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=41558262232658943410482505444082331384?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=41558262232658943410482505444082331384?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

32ms
32ms

Image
image/gif

34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

HTTP/1.1

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fairfax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-01db3e161.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300,104
X-TID: sLPkvwsET68=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires: 0
cache-control: no-cache
x-server: 10.45.16.225
content-length: 0
x-consent: absent

GET
H2 200 /
re.sajari.com/ 48 B
48 B 205ms
164ms Image
image/gif 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=1652929874842864747&collection=stuff-crawl-dev&cc.co=1652929874842864747&cc.pr=stuff-crawl-dev&p.ga=326823617&p.id=1662636567497.938629&e.id=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&ec.ti=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online%20%7C%20Stuff.co.nz&ec.de=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&ec.ke=&canonical=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&bodyChecksum=4381678596b6b56c8835794779b6ca79&metaChecksum=520234509326f0d0ee78751602319426&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1.0&meta%5Brobots%5D=noarchive%2C%20max-image-preview%3Alarge&meta%5Bformat-detection%5D=telephone%3Dno&meta%5Bfb%3Aapp_id%5D=207633159308175&meta%5Bverify-v1%5D=RazNiYjuvNuEsMeFXxfR9l9cDZIKxcq2VjQZA25CHgM%3D&meta%5Bmsapplication-config%5D=%2Fsics-assets%2Fimages%2Ffavicons_v2%2Fbrowserconfig.xml&meta%5Btheme-color%5D=%23ffffff&meta%5Bdescription%5D=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&meta%5Bsource%5D=Stuff&meta%5Bog%3Adescription%5D=Health%20Minister%20Andrew%20Little%20promises%20independent%20inquiry%20into%20ransomware%20attack%20after%20the%20DHB%20recovers.&meta%5Bog%3Atitle%5D=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&meta%5Bog%3Atype%5D=article&meta%5Bog%3Aimage%5D=https%3A%2F%2Fresources.stuff.co.nz%2Fcontent%2Fdam%2Fimages%2F4%2Fy%2Fs%2Fu%2Fd%2Fb%2Fimage.related.StuffLandscapeSixteenByNine.1420x800.22rvh5.png%2F1624943285240.jpg&meta%5Bog%3Asite_name%5D=Stuff&meta%5Barticle%3Apublished_time%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bfb%3Apages%5D=21253884267&meta%5Bparsely-type%5D=post&meta%5Bparsely-title%5D=Ransomware%20attack%3A%20Waikato%20DHB%20supporting%20patients%20after%20documents%20dumped%20online&meta%5Bparsely-link%5D=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089&meta%5Bparsely-image-url%5D=https%3A%2F%2Fresources.stuff.co.nz%2Fcontent%2Fdam%2Fimages%2F4%2Fy%2Fs%2Fu%2Fd%2Fb%2Fimage.related.StuffLandscapeSixteenByNine.1420x800.22rvh5.png%2F1624943285240.jpg&meta%5Bparsely-pub-date%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bparsely-author%5D=Tom%20Pullar-Strecker&meta%5Bauthor%5D=Tom%20Pullar-Strecker%2Cauthor&meta%5Bparsely-section%5D=business&meta%5Bparsely-tags%5D=business&meta%5Btags%5D=business%2Ctags&meta%5Bparsely-post-id%5D=125592089&meta%5Barticle%3Asection%5D=business&meta%5Barticle%3Amodified%5D=2021-06-29T05%3A08%3A04.262Z&meta%5Bpublished_time%5D=article%3Apublished_time
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cloud-trace-context: dddd26fa6143cffbfe645ec1ca75a8db
server: Google Frontend
date: Thu, 08 Sep 2022 11:29:28 GMT
content-length: 48
content-type: image/gif

GET
H2 200 RC71854f6df4ba497abb522790b0bca466-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 696 B
698 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC71854f6df4ba497abb522790b0bca466-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c038cfbe139775e4f3cdf178631db05bcb18b02a0ac286fdb72c2bb92b1c98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 432
expires: Thu, 08 Sep 2022 12:29:28 GMT

GET
H2 200 RC6877a9dbda0d45fd923d5d362feb4ec2-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 797 B
670 B 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC6877a9dbda0d45fd923d5d362feb4ec2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2b50c05a7f67bb2af3c6622362567076243096d361625d4b17a3d906b0b6ce0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 404
expires: Thu, 08 Sep 2022 12:29:28 GMT

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame 887D 22 KB
9 KB 89ms
88ms Document
text/html 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=159%2C263%2C167%2C89%2C241%2C267%2C310%2C3004%2C368%2C271%2C213%2C195%2C251%2C206%2C209%2C292%2C356%2C229%2C272%2C214%2C282%2C203&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX76609S&hst=www.stuff.co.nz&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2c03d34c0f5a43ee7d151810766dcaec78abfb894ed2e1fc88f58b7c7689a392

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8653
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 11:29:28 GMT
expires: Sat, 10 Sep 2022 11:29:28 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 887D 35 B
329 B 269ms
172ms Image
image/gif 23.202.52.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3056381688173688000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX76609S&fv=1&fy=37&ke=1&suylg=159%2C263%2C167%2C89%2C241%2C267%2C310%2C3004%2C368%2C271%2C213%2C195%2C251%2C206%2C209%2C292%2C356%2C229%2C272%2C214%2C282%2C203&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.52.26 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-52-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 11:29:28 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 08 Sep 2022 11:29:28 GMT

POST
H3 200 loadTemplateContext Show response
buy-au.piano.io/api/v3/anon/template/ 586 B
879 B 348ms
316ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/api/v3/anon/template/loadTemplateContext?aid=ooaGPZ28pa

Requested by

Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4b1108c542458c340d4b9fe615104a468b1d2f043fea6a2c571d80b13c0830

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: K4l2whrQ4nV
pragma: no-cache
wn: prod-au-dash-10-1-3-156
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.005
cf-ray: 747758bafbe5996f-FRA
expires: 0

GET
H3 200 cacheableShow Show response
buy-au.piano.io/checkout/template/ Frame 4F5B 14 KB
5 KB 59ms
33ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OTQHOG4R57TS&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_2e3eb78f8391b101d68d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8fd40656fa6f57f7a52a36774a200a67560937fe6cd6f225565f6572adc1ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: http://dashboard-au.piano.io
age: 1772
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 747758bafb099177-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 08 Sep 2022 11:29:28 GMT
expires: Thu, 08 Sep 2022 11:34:28 GMT
last-modified: Thu, 08 Sep 2022 10:59:56 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.001
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-au-dash-10-1-4-44
x-forwarded-https: on
x-request-id: Kv71whrt8EG
x-xss-protection: 0

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame E154 684 B
768 B 34ms
20ms Document
text/html 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.stuff.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Thu, 08 Sep 2022 11:29:28 GMT
Expires: Sun, 18 Sep 2022 11:29:28 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Unused62: 8096267
Vary: Accept-Encoding

GET
H3 200 template.bundle.1.0.css
buy-au.piano.io/widget/dist/template/css/ Frame 4F5B 27 KB
5 KB 23ms
20ms Stylesheet
text/css 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OTQHOG4R57TS&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_2e3eb78f8391b101d68d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OTQHOG4R57TS&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_2e3eb78f8391b101d68d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 6098
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-au-dash-10-1-4-44
last-modified: Mon, 05 Sep 2022 03:45:30 GMT
server: cloudflare
etag: W/"27358-1662349530000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=14400
cf-ray: 747758bb4b939177-FRA
expires: Thu, 08 Sep 2022 15:29:28 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 4F5B 95 KB
30 KB 44ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 582241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FXhXd0VM3xuBWFAaYBs1PjI2L1CKabBT8lHcCuIu%2B0v%2FE6uMESQyMDYerwk0FfvNqKekT5khbAll0mOsqtVzV9HWVthFUlG9RCrmCfqYWm0k5pJVr65txmRwk5f5pVWYFcUxOQ%2B2O%2B6fplAzWDUbM0w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bf3bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 4F5B 10 KB
4 KB 45ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6665183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSlCUnncBT9dOyUa4u1yl%2Bxp%2B%2By9KlFYMpKaJbe4eL5MtkaKbyF%2BpfUdZMD0B1I2TG7N6Riq2THcV%2BBMyK%2Bn0HWNVTFt9VeovwVH9U057a9PfdpiDFXkm%2F22YW1%2B2j%2Fbx9xEIcZmQFG8mmCcsmluJfp1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bf5bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4F5B 104 KB
35 KB 46ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1350650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68kIgQq7wSfy47DxduGsiDQ%2BkGI4RmvIoQmg0H8m3hAqvGrEM2%2BOuUIASunE%2FO1mT%2FcQqusvEt8OWfBzInSfXlaDchZTNCc5Hhn4mdg0DWP09j6P%2BzocYV%2BPdPMGOZQ89kzHDruOxyQgC1H0BOy0eucr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bf9bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.2.22/ Frame 4F5B 11 KB
5 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4430
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:55:49 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4F5B 825 B
775 B 56ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 575985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a0Jd6UALxsmkMvXgt4OEJTTXN73MIW7OqM2Ph1Oea4%2FHBM8QIp%2BvkfCorypuGq8lviDv3nZtM5CtFJ0hYkWefETRRf6dzFCMxRAFKhn7fzZn711011pOEshp%2FnNp6zVNJrKcL5i9YjT8oWDI%2BQHEATG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bfabb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4F5B 4 KB
3 KB 41ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6663247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjyG2i98q0K9SsajlCT4rTkP15ID2mDUkL8C0Zy6vb3zjPoKk0tOUJGBBamBwyc2XJY51w2pNrhTZp1PkZAF%2FA6IVNA8rNeWjJGwHegJlXiNRV3WwGw0NXqQ37ZRH7F4BpTj2MclQAqEiRnWjm%2B84mbB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bfdbb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 4F5B 3 KB
1 KB 51ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3081747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sI8wqz6jn%2FBWu%2BbQU5tmPY1lbKlA2BMuuxL0z2ZwMqvLFU4fJDaIJ0NIrRI6D80cssef%2FIE%2BHZL7MB2Y3JCxj4lLOesz6DAvkMVBUC8AQY5eUnGzvjUQNhAZyGMbUMRnaWcgAcKTBFgxiGesHiz%2FbDxN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7bffbb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 4F5B 23 KB
8 KB 52ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1348354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8NfWSeycqBMjiNOkHrSaGYm%2FFhfdqm5gZZmYXYJZt9xcdRMIBVen0Tp1Q%2BBVCDFMgcRNJG4ER1cTpiv%2BniQ%2BXDJjhbsrRSYgJT8l467gUpHaxa6N96TbC1hEkTu6DHDzmpJvWgqS2MgDe16nDxVe4Gl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7c07bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 4F5B 2 KB
1 KB 54ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 577222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKZtgHf%2B0ix08un%2B9OFGhRz3IsE8CRq3Yzycsc8Pq8bPyhPTcI3UnbmxqPkvrlUaV9br0mfX9ZMjOg86PpR0wXiiQVvOKP2OBaN%2BZJXtKiJJGtBhNlxuW7bSZDP03%2BDArRX0OsuN8UDOqyE7TrZJAoGr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7c02bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 4F5B 20 KB
7 KB 50ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4293355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcZL4kiEvMVl%2Fo4tWNJ221d%2BPOWQ3U57HqhgfqFDJH5en5wsKN0kOrvv%2Bm4%2Fbh3l%2BMaVkGSfOZDryZtT4zZfmoUaKFYgTDobnomtRqBOwTKUKj4Mc3JjgiE%2FhSnlmalMUvyeKWnuIjnQU0ZQR2IY4M0h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 747758bb7c01bb9b-FRA
expires: Tue, 29 Aug 2023 11:29:28 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy-au.piano.io/_sam/ Frame 4F5B 114 KB
36 KB 29ms
27ms Script
text/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-au.piano.io/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.265.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3981b1db3de18ae74a074167e1d1bcab1b1762ff521ec6469c9543a690453de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/checkout/template/cacheableShow?aid=ooaGPZ28pa&templateId=OTQHOG4R57TS&offerId=fakeOfferId&experienceId=EX56LBDCL3RM&iframeId=offer_2e3eb78f8391b101d68d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid-au.piano.io%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.stuff.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2067
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-au-dash-10-1-4-44
last-modified: Mon, 05 Sep 2022 23:21:56 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602733
x-optimized-by: _sam
cf-ray: 747758bb4b949177-FRA
expires: Thu, 15 Sep 2022 10:55:01 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame E154 91 KB
29 KB 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 11:29:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:17:53 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29505
Expires: Thu, 08 Sep 2022 12:29:28 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame E154 46 B
634 B 90ms
15ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 34cc6423502ba4dcc3009346d43c472d081c3b8c81ce9d5d990e1a5d3da52c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
last-modified: Tue, 08 Mar 2022 11:29:29 GMT
server: Jetty(9.4.28.v20200408)
etag: 23ahtjrp2wmdg4mum2br1mqut
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Fri, 08 Sep 2023 11:29:29 GMT

GET
H3 200 fail-icon.png
buy-au.piano.io/widget/dist/template/css/img/ Frame 4F5B 2 KB
2 KB 30ms
30ms Image
image/png 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy-au.piano.io/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy-au.piano.io
URL: https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6036
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-au-dash-10-1-3-153
last-modified: Mon, 05 Sep 2022 23:21:56 GMT
server: cloudflare
etag: W/"2177-1662420116000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: image/png
server-time: 0.000
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 747758bbfcd79177-FRA
expires: Thu, 08 Sep 2022 15:29:28 GMT

GET
H2 200 STUFFSANSWEB-SemiBold.woff2
i.piano.io/managedservices/stuff/fonts/ Frame 4F5B 34 KB
35 KB 69ms
34ms Font
application/octet-stream 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-SemiBold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
via: 1.1 704c2c5658d2a30f6fbdd46c73f52e10.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 6019
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34928
last-modified: Tue, 17 May 2022 09:06:44 GMT
server: cloudflare
etag: "c0f391724faf1f645baa4e7063639d47"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: HAM50-P1
accept-ranges: bytes
cf-ray: 747758bc3a0d90ac-FRA
x-amz-cf-id: 9cWpjdiGfL9XcpR4GXILKcX7fLm-knLSTzmVWEvT4XPoqTLD9dJRmQ==
expires: Thu, 08 Sep 2022 15:29:29 GMT

GET
H2 200 STUFFSANSWEB-Regular.woff2
i.piano.io/managedservices/stuff/fonts/ Frame 4F5B 34 KB
34 KB 70ms
35ms Font
application/octet-stream 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
via: 1.1 938af0a58a4fcbf3c08e6c39b89440e2.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 6019
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34328
last-modified: Tue, 17 May 2022 09:06:45 GMT
server: cloudflare
etag: "fe6cd12a1cf8b8619df8988d8a9de8a6"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: HAM50-P1
accept-ranges: bytes
cf-ray: 747758bc3a1090ac-FRA
x-amz-cf-id: DqUgOoHc96ySl_rlqJzRZ1zrPKPRiKv8PAxPJ7nmvKnYYUeXe7ytRg==
expires: Thu, 08 Sep 2022 15:29:29 GMT

GET
H2 200 STUFFSANSWEB-Medium.woff2
i.piano.io/managedservices/stuff/fonts/ Frame 4F5B 34 KB
34 KB 120ms
85ms Font
application/octet-stream 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.piano.io/managedservices/stuff/fonts/STUFFSANSWEB-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy-au.piano.io/
Origin: https://buy-au.piano.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
via: 1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 6019
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34512
last-modified: Tue, 17 May 2022 09:06:45 GMT
server: cloudflare
etag: "5ab0cd26b9190f6f68b2662a04b6c497"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 747758bc3a1290ac-FRA
x-amz-cf-id: oL3hX3xMSzzIWf3EhXFs-WzRxu2opY3XdkL1iJ4lUqxDQqkNglAAig==
expires: Thu, 08 Sep 2022 15:29:29 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame E154 43 B
466 B 127ms
14ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.7.0&typ=pgv&rnd=l7syvu57pp5tkhoo&sid=1151019886197577425&loc=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&new=1&arf=0&ltm=1662636567763&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l7syvv0ejcdfiqcf&ckp=l7syvu57z340dvau&glb=&cp_userState=anon&cp_ver=2.47&cp_testGroup=45&cst=23ahtjrp2wmdg4mum2br1mqut
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:29 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 101 B
672 B 125ms
15ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l7syvu57z340dvau%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2223ahtjrp2wmdg4mum2br1mqut%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2223ahtjrp2wmdg4mum2br1mqut%22%7D%5D%2C%22siteId%22%3A%221151019886197577425%22%2C%22location%22%3A%22https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

896b4f9cc31ed0661191548ff72ba08ec5e3ccf1182b70a5a4ba4fe67357b067

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:29 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 101
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
596 B 34ms
33ms Image
image/gif 54.75.143.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910623&ch=nz-910623_c17_business_S&asn=business&fp_id=rh3omzc3yprc2s5vu5m9xjcg1fpuh1662636567&fp_cr_tm=1662636567671&fp_acc_tm=1662636567671&fp_emm_tm=1662636567671&ve_id=&sessionId=5pscixrq8sowctgzaplifoconwfeq1662636567&prv=1&c6=vc,c17&ca=NA&c13=asid,PEC098A72-33DD-408F-96BF-B1E81199868C&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,gwzzuwu0aaxmsfaqvsewaxrg3dzev1662636567&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16626365676699442&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=125592089&c3=st,c&c64=starttm,1662636569&adid=125592089&c58=isLive,false&c59=sesid,&c61=createtm,1662636568&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&c66=mediaurl,&sdd=&c62=sendTime,1662636568&rnd=922655
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.143.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-143-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:29 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 RC70afc43a296841f98c234211f65c972e-source.min.js Show response
assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/ 657 B
665 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/23f51728685d/6200c30b6543/9cd5dce4fbbf/RC70afc43a296841f98c234211f65c972e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc2c0d9c06c2d4b1a877b126c3b8fc473.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9de0b5cc458cb6c015879ca5ce1ea100339f5d315307a5b5a95476ba630c2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:30 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:39:51 GMT
server: AkamaiNetStorage
etag: "9793a44f79780beea337fcb9fb34d13c:1659317991.177343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 400
expires: Thu, 08 Sep 2022 12:29:30 GMT

GET
H2 200 tag Show response
a.teads.tv/page/84334/ 2 KB
1 KB 53ms
8ms Script
application/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84334/tag
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9193654a23422beffa46afe37ae99483653dd827112d3678c889c0c505570eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 865
expires: Thu, 08 Sep 2022 12:29:30 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 9ms
9ms Script
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/84334/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c055220cad9ab6321c8d430056a88f8ecc1a03e77780aeced9bab04f64285e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 08 Sep 2022 11:29:30 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 15:34:50 GMT
x-amz-request-id: 2CM21JBP299EY4RW
etag: "1d45e426c09018bbda4456bde9b2c1ed"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 3
accept-ranges: bytes
content-length: 134196
x-amz-id-2: 88Jn/XN0cx+HN8ZsM4ARp7KHT/wq+/Vl0fnOQZ4tns93uaS+8+WRFquBHTA7E68ZSZSy/6czS00=
expires: Thu, 08 Sep 2022 11:59:30 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 180ms
71ms Image
image/gif 23.202.53.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=992d2253-d9e1-41a4-bbd4-86808a2fc5f6&pageId=84334&pid=117411&debug_metadata=F2sUjeHkDe&fv=1069&ts=1662636570188&f=1&referer=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:30 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 179ms
71ms Image
image/gif 23.202.53.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=992d2253-d9e1-41a4-bbd4-86808a2fc5f6&pageId=84334&pid=117411&slot=native&fv=1069&ts=1662636570196&f=1&referer=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:29:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 http-source
s8t.teads.tv/logs/format/ 0
0 130ms
34ms Image
text/plain 2a02:26f0:3500:493::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/format/http-source?%5B10%5D%5B1069%7Cd%7CWindows%7C10%7CChrome%7C105%7Cweb%7C%7C%7C%5D%5B117411%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:493::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.stuff.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 ad Show response
a.teads.tv/page/84334/ 540 B
572 B 83ms
83ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/84334/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.stuff.co.nz%2Fbusiness%2F125592089%2Fransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online&page=%7B%22id%22%3A84334%2C%22placements%22%3A%5B%7B%22id%22%3A117411%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A612%2C%22height%22%3A344%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=992d2253-d9e1-41a4-bbd4-86808a2fc5f6&formatVersion=1069&env=js-web&netBw=10&ttfb=571
Requested by: Host: www.stuff.co.nz
URL: https://www.stuff.co.nz/sics-assets/js/bundle.1fc241e7bbcb67a90e8b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 90e9b83065516945c9bc3fea2e30b562f776a832d2a968512d5faafe81ef79fe

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.stuff.co.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 11:29:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stuff.co.nz
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Thu, 08 Sep 2022 11:29:30 GMT

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stuff.co.nz/business/125592089	1969-12-31 23:59:59	Name: aamffx Value:
.stuff.co.nz/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 10:09:48	Name: demdex Value: 41558262232658943410482505444082331384
.stuff.co.nz/	1969-12-31 23:59:59	Name: AMCVS_F5D11253512D2B170A490D45%40AdobeOrg Value: 1
.piano.io/	1970-01-20 05:50:38	Name: __cf_bm Value: 2V5JF2V.kbdGJ5EjeV4emZZFSg3Lu0gdgFZnlfMcR8Q-1662636567-0-AS88TI7SnMdlKhLWVjBmD7pmjxEwK9QajYAedZwhkLEAWH5p/XhQRmlna7vxx0eh9K9dh43Amt+iIe+0Cq86sgc=
.stuff.co.nz/	1970-01-20 14:36:12	Name: site-view Value: d
.stuff.co.nz/	1970-01-20 15:26:36	Name: _ga Value: GA1.3.326823617.1662636567
.stuff.co.nz/	1970-01-20 05:52:02	Name: _gid Value: GA1.3.945875199.1662636567
.stuff.co.nz/	1970-01-20 05:50:36	Name: _gat_6fec2d418904450dace4f478760dcc5a Value: 1
.everesttech.net/	1970-01-20 14:36:12	Name: everest_g_v2 Value: g_surferid~YxnSFwAAAFF-nAN-
.stuff.co.nz/	1970-01-20 15:26:36	Name: mbox Value: session#37176587cf7b4da6ac6c04f37051ab3a#1662638428\|PC#37176587cf7b4da6ac6c04f37051ab3a.37_0#1725881368
.stuff.co.nz/	1969-12-31 23:59:59	Name: sjSE Value: 1
.dpm.demdex.net/	1970-01-20 10:09:48	Name: dpm Value: 41558262232658943410482505444082331384
.stuff.co.nz/	1970-01-20 15:26:36	Name: AMCV_F5D11253512D2B170A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19244%7CMCMID%7C41724405348492767890502500196511230536%7CMCAAMLH-1663241367%7C6%7CMCAAMB-1663241367%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662643767s%7CNONE%7CMCSYNCSOP%7C411-19251%7CvVersion%7C5.2.0
.2o7.net/	1970-01-20 15:26:36	Name: s_vi_Gx40HSGx40YOx5Bx0CRUTGGNWDSx40MMx0CQSNETBUHNO Value: [CS]v4\|318CE90BCC4BB373-60000825FFD02F0F\|6319D217[CE]
.stuff.co.nz/	1970-01-20 15:26:36	Name: _pprv Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.stuff.co.nz/	1970-01-20 15:26:36	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsDsAzgJ4BuArgKz5hiUAuA1gBYD2rIANCOYTAE6FsAO3K5c3XgIDK9CPV7YQEYa2FcQhBPRgYlARn2V9ABn0BOAByWAbBfzV8AFgBMlEAF8gA
.stuff.co.nz/	1970-01-20 15:26:36	Name: _pcid Value: %7B%22browserId%22%3A%22l7syvu57z340dvau%22%7D
.stuff.co.nz/	1970-01-20 10:09:48	Name: nol_fpid Value: rh3omzc3yprc2s5vu5m9xjcg1fpuh1662636567\|1662636567671\|1662636567671\|1662636567671
.stuff.co.nz/	1970-01-20 05:50:38	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.stuff.co.nz/business/125592089/ransomware-attack-waikato-dhb-supporting-patients-after-documents-dumped-online%22%2C%22sref%22:%22%22%2C%22sts%22:1662636567685%2C%22slts%22:0}
.stuff.co.nz/	1970-01-20 15:20:00	Name: _parsely_visitor Value: {%22id%22:%22pid=e03fdb3f76c380e38095588823357808%22%2C%22session_count%22:1%2C%22last_session_ts%22:1662636567685}
www.stuff.co.nz/	1970-01-20 05:50:36	Name: __adblocker Value: false
www.stuff.co.nz/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1662636567725
www.stuff.co.nz/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.agkn.com/	1970-01-20 14:36:12	Name: ab Value: 0001%3A533JzPfk4Ki3Fzd2gq1ZgcWEkCyvx%2B4k
.stuff.co.nz/	1970-01-20 14:36:12	Name: cX_P Value: l7syvu57z340dvau
my.stuff.co.nz/	1969-12-31 23:59:59	Name: SESSION Value: 87098fca-908d-450d-bd2d-c7c9ae9950e0
.exelator.com/	1970-01-20 08:43:24	Name: EE Value: "1e7e00fa2018fd090db8e85f5ca04794"
.exelator.com/	1970-01-20 08:43:24	Name: ud Value: "eJxrXxzq6XKLQcEw1TzVwCAt0cjA0CItxcDSICXJItXCNM00OdHAxNzSZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6IhfXxUUpaQyLSopPBR%252FsywMAoxAqTg%253D%253D"
.imrworldwide.com/	1970-01-20 15:12:12	Name: IMRID Value: 7fc853a0-2f69-11ed-a90a-4315b9748896
.doubleclick.net/	1970-01-20 15:12:12	Name: IDE Value: AHWqTUk_LFwZfGeTUGT0EcUP2tz3DFtSWx7JuiBV9bu-VqM436PELLnNrEZR436qt2o
.stuff.co.nz/	1970-01-20 05:50:43	Name: bm_mi Value: 576D12B414BDCCB7149D087F22EC85B2~YAAQBqwVAtsju/SCAQAArK7cHBH0xDUtXWeOBSM3MDehdwgvjeDU9vbRxnz8SlE/x6gmjJNgEpdWX0XxHm2+gRqa+H5JKCk6FJgz4Cqxvqo5eFmIFGN1Jwi0yDGtmrXNL/klQfVVXvKTqyQ4MdY1295V082o4FkY/hpSSSG7EuFUyTmmUwKhti0wEoNv6kVWNU7FW/LUH/LlBUMbcGtvpy1shYfvKryPdg9YNudCr7AeRKCbJYuEXEsa0LEyT2dAML1ueb5kajPSwuGJLpSLqLrfRlWMGWWFqd/lmVRrLSiGxe3JT9ElTROrOPSsIuuzlg5MxzoBGfmm7hXFuTwKNA==~1
.stuff.co.nz/	1970-01-20 05:50:43	Name: bm_sv Value: 4C2F5E7AD6A3D116A6B57C7AE0F14AE9~YAAQBqwVAtwju/SCAQAArK7cHBGpUQIuokW/6OtmKIptsddYWuJmhfqihfpY06iA6VakTudEY20/gmX3eiDJo9iPiVNwRbzx7p/s23a5I97M7CAHfO23KU6yAArw09KfeRaim/hPb1mS1TqdqblOOrV8LbdpGKkM9fqFoTk2DT6u8g62Q/tyTI06iWcyDsAfYV/xsz1Coyg2uA8t0hfLjcGNzZ446kiQIdQC/he6T5e8c7CJ7nuepe90AgTFzNicAw==~1
.demdex.net/	1970-01-20 10:09:48	Name: dextp Value: 21-1-1662636567675\|3-1-1662636567775\|481-1-1662636567876\|843-1-1662636567978\|771-1-1662636568079\|66757-1-1662636568179\|121998-1-1662636568280
.stuff.co.nz/	1970-01-20 05:50:43	Name: ak_bmsc Value: 87CDA2894A4418F07C5B692266B77B03~000000000000000000000000000000~YAAQBqwVAt8ju/SCAQAA4K7cHBHPi1YybipZl8m7K/Dru2sWFyK0YtDpzNWV8p8FkmpnpBXvjXZ5gzkli80gpMkBuzb0IPKwxgNuN50V6Kenk4pyxxOKxK6KuOj5vp1GELGSvBxFfrvBnbgVsSMu4uKgQcZOnMhliWDXwoymMWZShByiqJIEAaCoT7ugo8Q8y7uUuwo9z1LNs1bES9ZE4vK1Y8Lu7j+LQyLrBqJZf5p2b7BB/d+LoMDj2hWTHVvW5sSEFT2o27yRXNfkvhO4EqfQHfGVZ1NZA0In69BhOeNiJ7KYHPhPAn56uk1WjfTbe/7YMwGchFZj7nYlVbyUYU01uKX5raOliHay6PB/7DswHjvbfdDX+dYh5W5BN6WI1XSniSexL/kMc4Vh5s0WDa6yz0mYVsIFBLR/jfJ/dkSogB0sOYzhIj8PAKFKppysBET7huTuzcZf1ZaUgE2169sY1Q9nM9NDjBDS8fuzJXr/4tDpXBsfnlRrOML9PGHBy1zAe5/czddcmZ411wor0jFFQIE=
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.aaxads.com/	1970-01-20 14:36:12	Name: aax-vsid Value: 3056381688173688000V10
.krxd.net/	1970-01-20 10:09:48	Name: _kuid_ Value: PEQ1upzN
.stuff.co.nz/	1970-01-20 15:26:36	Name: __tbc Value: %7Bkpex%7DAqujbOpHDg0We-INt74WOaI0G1bctBiVXXTQYtZQIUcKHPCgf34Jy3bpTM1RlT5Y
.stuff.co.nz/	1970-01-20 06:33:48	Name: __pat Value: 43200000
.stuff.co.nz/	1970-01-20 05:52:02	Name: __pvi Value: %7B%22id%22%3A%22v-l7syvu5epr3jfj6u%22%2C%22domain%22%3A%22.stuff.co.nz%22%2C%22time%22%3A1662636568745%7D
.stuff.co.nz/	1970-01-20 15:26:36	Name: xbc Value: %7Bkpex%7DDBLq2pae4e9_MJGAVox-Ake3MpsEZQdhFXWh6dJJPUu51lWiPfF2LbtIwVMKjgZBnQ71enEpfztRemNgRshUAml5yR1CS-i5jdkuTxapz_QhOY3WwK658MBBENza-NAJRRonisgpMKbOghPIZCKYT5vFzg0FRWDZApw4nh5YfBeWahCza3ZQTYi4geOv2vdz
.stuff.co.nz/	1969-12-31 23:59:59	Name: cX_S Value: l7syvv0ejcdfiqcf
.cxense.com/	1970-01-20 14:36:12	Name: gckp Value: 3eevgys6gau8b635rosvyxx1b
.stuff.co.nz/	1970-01-20 14:36:12	Name: cX_G Value: cx%3A3fg6wpiz1j4ae8z1ua80h9l0u%3Aeichsdrj74xr

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://videos.oovvuu.com/stuf/v1/ovu_rec.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://my.stuff.co.nz/akam/13/320f0bdb Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adfeeds.stuff.co.nz/v1/channel?v=1&p=desktop&s=/business/null/null/null/null&l=/International&pt=article Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp-reporter-production.apse2.ffx.nz/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5pscixrq8sowctgzaplifoconwfeq1662636567.nuid.imrworldwide.com
a.teads.tv
aa.agkn.com
adapi.stuff.co.nz
adfeeds.stuff.co.nz
ajax.googleapis.com
amplifypixel.outbrain.com
assets.adobedtm.com
ats.rlcdn.com
beacon.krxd.net
buy-au.piano.io
c.aaxads.com
c2-au.piano.io
c21lg-d.media.net
cdn-gl.imrworldwide.com
cdn.brandmetrics.com
cdn.cxense.com
cdn.kdaimo.com
cdn.neighbourly.co.nz
cdn.parsely.com
cdn.sajari.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
code.piano.io
comcluster.cxense.com
d867x8xq12ag.cloudfront.net
dashboard.presspatron.com
dpm.demdex.net
events.apester.com
experience-au.piano.io
fairfax.demdex.net
fairfaxnz.tt.omtrdc.net
fairfaxnzstuffoverallproduction.112.2o7.net
fonts.googleapis.com
i.piano.io
id.cxense.com
interactives.stuff.co.nz
l3.aaxads.com
load77.exelator.com
loadm.exelator.com
mcdp-nydc1.outbrain.com
my.stuff.co.nz
o68184.ingest.sentry.io
odb.outbrain.com
p1.parsely.com
p1cluster.cxense.com
re.sajari.com
resources.stuff.co.nz
s8t.teads.tv
sdk.apester.com
sdk.ffxpub.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.apester.com
static3.stuff.co.nz
stats.g.doubleclick.net
stuffnz-sydney.gscontxt.net
sync.crwdcntrl.net
t.teads.tv
tcheck.outbrainimg.com
token.rubiconproject.com
usermatch.krxd.net
videos.oovvuu.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.npttech.com
www.stuff.co.nz
x.dlx.addthis.com
13.32.110.98
13.36.218.177
142.250.186.130
142.250.186.98
147.75.83.64
151.101.130.217
151.101.14.132
151.101.2.133
151.101.2.227
151.101.66.227
152.67.116.253
18.198.69.109
18.66.100.58
18.66.147.88
184.51.9.223
23.202.52.26
23.202.53.124
23.202.54.36
23.205.239.15
23.205.241.117
23.35.229.56
2600:9000:223c:e400:1e:a43d:b640:93a1
2600:9000:223d:8e00:1b:11ff:f600:21
2600:9000:223e:6000:1e:9232:ebc0:93a1
2600:9000:223f:2c00:1d:667e:2a40:93a1
2600:9000:2304:4200:1a:9e13:5280:93a1
2600:9000:236e:8000:2:42d9:3100:93a1
2606:4700:20::681a:79b
2606:4700:3032::ac43:bf95
2606:4700::6810:f015
2606:4700::6811:180e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2013
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9d
2a02:26f0:3500:493::26e5
2a02:26f0:3500:591::1e80
2a02:26f0:3500:898::268b
2a02:26f0:ea:482::3871
2a02:26f0:ea:4a6::3871
2a02:6ea0:c700::17
3.105.141.111
34.120.195.249
34.242.80.80
34.248.32.199
35.171.14.192
35.190.50.98
35.190.72.53
35.227.201.100
52.17.63.11
52.17.99.225
52.213.127.205
52.215.111.225
52.222.214.88
52.30.241.123
54.75.143.131
54.76.58.201
64.202.112.159
69.173.144.139
69.192.160.219
01a02851049854d2d7e2ce81446cabdd55afe68b68bdd7ee09be35bc3dc504ac
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
075a8ac615514bdfb50ff549c364975167a846d282b3bee916152fee7cdc7a7b
09675ea155d08e959872d1f64ae603c9e0071d502c7ddfe853e0fbabf7e9cc15
0a325decfde845ca807eb95bb738b93e3a39bc9dc5dbbe30006a46d0aaa11985
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
11d6af78e66283ece20bc13c4439f9beea0cac411e9ac90ee81f74ce290bf2aa
15ad4a5fcdaa28afc0e850112a53a64e23eb10ae90b2d312a3f0140a7171a24b
15f0e8785ed86a7e2f77ee7f29dcb9c6dde7dd976e04de99c9d9e4cde7672aa9
1786bfb5bc61c63a26e18ac30db3db9cdf3c87ae30f40ea907fe040ac2a99b27
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
278146e898fab9a0e0a48a19c65a730c2b94a5492a03a621eef220e26712700b
286a5bcfa642461849ca5397fde16452a1f50d784bc7cb1631099ced066831ee
28b8b88196f15352c2c5fd6411ae1da28f72cc1ed3cbf26a13eef570d2d9b101
292288f03d122da15bcd8cbd10868a0a047cf22e83e0f83c231f48bf23fcb860
2b50c05a7f67bb2af3c6622362567076243096d361625d4b17a3d906b0b6ce0e
2c03d34c0f5a43ee7d151810766dcaec78abfb894ed2e1fc88f58b7c7689a392
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30496a132a778ca1a50498d1b7c6e288eebf73829056422435996a775a853bca
3207d12eddcd5a7207fa64a26747eb2bc81a7544d2f871abe2e5424895100966
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33def4d457d490ce89b5e6be3dcf904c25d03a50dd7f7a65237f395d7161b5e4
34cc6423502ba4dcc3009346d43c472d081c3b8c81ce9d5d990e1a5d3da52c15
3c038cfbe139775e4f3cdf178631db05bcb18b02a0ac286fdb72c2bb92b1c98c
3c2824b5d9d3293a4d3b231891aa2834a476f16463bfb8824e7a8225bba32053
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c6d12327593c8395849eaaa62a016dd10711495824a90ca550a5aafeb06d79
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7888ff0f09652a80767bad958aaec1cde6d63b3fc958d9cb7d2467bb867ea2
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
5522fa3faddd44754a3031f0cea90f32c4da5ca5246a91be3f88fd58478d2005
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6200739690705845c8c84e0c50795221872b62623a68106f19d9793d6a434636
635a136e36d4a58ca3d882b71061c4764b613fe4361ea61b22dade8abda2c4b4
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
649cbacad711d96b315d708ba7f39c3670ea191df40784666ca1917ca39d0b49
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d64ecd956174bddcffdc71bdc1e8370638915731779ae7c8b396b1f5b8cb4b
6a45749353d548335942936bb9b3fcfe5d96812bd6028eab342567e9f85547a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6becd77411e34f8dcd313296ae9e181664a3b3cc0a044b38e1534dea05336087
6d6cb4bcf91fb483d6f958f9aec072249aa112f73fca03695a61e8cc98bd8246
6e29947674d4ba75d5417e6ad8b7d8f30cc56310394c1e5d4de713b827c31f73
71bb74021340ca7d325619d0d0da90651add48bc4c627a4c60219fda7fc40a35
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
788428389780b0f3802dcb3ad86176ba22aefec9a6d7f255794755c34d2ec264
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d0b5690d943eeec5db9b0344f07d4faf581c1f9452790fbab40ad4c11e78b57
7d4b1108c542458c340d4b9fe615104a468b1d2f043fea6a2c571d80b13c0830
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
7fa11c309a706d09eface346a5ad7fdeb7e98fdfa71ee3ce733cfd8b06f78b99
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82411ccd8cd8814825970283d58f132cc2baa464062aa0e5fae2132ab9aee2ad
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e4cea7590220e8b29905c5a92057f3e98d11f8e225a1e0ca762a1c83e6d8f6
896b4f9cc31ed0661191548ff72ba08ec5e3ccf1182b70a5a4ba4fe67357b067
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8fbf6dbda27863e94305c9a5b26d276bfbb627f7a34a4b0de1e3ee6a6d15fdeb
90e9b83065516945c9bc3fea2e30b562f776a832d2a968512d5faafe81ef79fe
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94b570c0adf306d4cfd4e6acf9750c96c2f8e8e5ec413d2776f247cdcd70e754
96845fcfbd803308a459a4b196c7621672f5a5fbcc62c215f028717e9d0d660a
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96a1951bf490b344d6776ce3b6539bb632d3019017541d876eb3f50af85444f6
99a42e69ccec698d9be89d17d7cb3efa693436bd3422b9a038919a8a878128d3
9d2ed300e56e6818a6d7436b2bf489c58af9948328afc1985caf73a9f444c71d
9d73ef96b9d0d9d2e2f4a8c2133eac7bd5fc9e3e0ec952a7d383e44a4b677db5
9ecf5cbe631f042bebb2e8bde0b900b2c1aff87a18c56d49979cf16f6cd7b1d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a9de0b5cc458cb6c015879ca5ce1ea100339f5d315307a5b5a95476ba630c2a9
aa2364dedec6a43252d203e609c5a6f15a8a115004481e2713102c9623fb9435
aabf2045079740c4cd6d94f34fbf93ba309ba700153beff2afa134c032fc5e62
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0fcb4ddd51c77676d524222345c107a2832c4b8a35c45941071ea19f2861135
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b7fb9afe7b176646cc40746bc22781db9ff7db6bfaa0a4578f82bd74d4912456
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c055220cad9ab6321c8d430056a88f8ecc1a03e77780aeced9bab04f64285e4b
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c30517bcf766f2c8b919b9705bf305fcad95108b173a4656d78d5f48c2d06ab6
c43f0bab4c9b71e46c8051079e4bd98cbe627ccedd66c9bcaee69d11d7301249
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c8fd40656fa6f57f7a52a36774a200a67560937fe6cd6f225565f6572adc1ddc
c9193654a23422beffa46afe37ae99483653dd827112d3678c889c0c505570eb
cda1d957a50af4fd0ca8e7740f4e8964d915265b69814f87c86d33f4df22af15
ce37160cbea725a559df460411c8e3f5995430bf35d9a792ab7ed38ef6db08df
cf38d19d37a13789e99300f5fa0110a86c4d9b3ec76d30a5a731ba72314b45b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d858cbffd70b52bf6b006f81d7616c495d26830775b826d82e5cbe42a66a1b
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3871e2070a243288259b54f34b530e09ad7005f4aa0938cc8fb3dc6cc096b24
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
e3981b1db3de18ae74a074167e1d1bcab1b1762ff521ec6469c9543a690453de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fd00c3e8d4acb8eb8bd5cd63cb87f634a0661810742a2525d75e2d4bbded58
e5cada74514ea791cf21ea5c1500de5fc08454e947f0aea484b8e5ef2ce4ea18
e66cccb6fd64ae7c7e428900129c22644e340286024b3e0bcce8b94432745e7b
e8cd27492a8b97fa4c07c1210f85eb04a9a256d00733dec84de8d6bad6548b69
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
eba8e146cb4aeb1da575bb17f8961d2594d0f60af6d7eaed5cdc95c4dcd451a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d674f0ca536185172d956cda40c55c969b4dcfa3bd019f667aaae684692c4d
f150e1bbb75e086a62af5776f3d2a4a4da21e42f7d736904b3daf59f7ab0d8a1
fb5c24b4ea797b4578b5e62a0b549058f81130f4c360afc4b113d013053df318
fde9277e699de5f4419f378e798a3a4ddbfd429b9b6a466b64d9b2ef8526a55f

www.stuff.co.nz Open in urlscan Pro 2a02:26f0:ea:482::3871 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

92 %HTTPS

38 %IPv6

42 Domains

75 Subdomains

57 IPs

8 Countries

2598 kBTransfer

7428 kBSize

45 Cookies

21 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.stuff.co.nz Open in urlscan Pro
2a02:26f0:ea:482::3871 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

92 %
HTTPS

38 %
IPv6

42
Domains

75
Subdomains

57
IPs

8
Countries

2598 kB
Transfer

7428 kB
Size

45
Cookies

141 HTTP transactions
3 data transactions