www.aucklandmuseum.com Open in urlscan Pro
2606:4700:20::ac43:448c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://muse.aucklandmuseum.com/
Effective URL:
https://www.aucklandmuseum.com/discover/collections/search
Submission: On November 17 via api (November 17th 2024, 2:10:25 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 20 domains to perform 70 HTTP transactions. The main IP is 2606:4700:20::ac43:448c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.aucklandmuseum.com. The Cisco Umbrella rank of the primary domain is 299779.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time www.aucklandmuseum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700:20:... 2606:4700:20::ac43:448c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d2f	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3ab5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:6a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
70	17

30 2606:4700:20::ac43:448c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

muse.aucklandmuseum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.aucklandmuseum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:3::b818:4d2f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

ajrctguoxo.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3ab5 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	aucklandmuseum.com 1 redirects muse.aucklandmuseum.com www.aucklandmuseum.com — Cisco Umbrella Rank: 299779	496 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	1 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	520 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	217 B
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com Failed	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	2 KB
1	doubleclick.net 14006051.fls.doubleclick.net Failed ad.doubleclick.net Failed stats.g.doubleclick.net — Cisco Umbrella Rank: 135	559 B
1	posthog.com us-assets.i.posthog.com — Cisco Umbrella Rank: 19001 us.i.posthog.com Failed	59 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel-ssn.quantserve.com Failed	9 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	29 KB
1	cloudimg.io ajrctguoxo.cloudimg.io	33 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 597 southeastasia-1.in.applicationinsights.azure.com Failed	57 KB
0	googleadservices.com Failed www.googleadservices.com Failed
0	byspotify.com Failed pixel.byspotify.com Failed
0	tiktok.com Failed analytics.tiktok.com Failed
0	hotjar.com Failed static.hotjar.com Failed
0	aspnetcdn.com Failed ajax.aspnetcdn.com Failed
70	20

	Domain	Requested by
29	www.aucklandmuseum.com	www.aucklandmuseum.com
6	www.googletagmanager.com	www.aucklandmuseum.com www.googletagmanager.com
4	www.google.com	2 redirects www.aucklandmuseum.com www.googletagmanager.com
3	region1.analytics.google.com	js.monitor.azure.com
2	www.facebook.com	www.aucklandmuseum.com
2	px.ads.linkedin.com	js.monitor.azure.com
2	www.google.de	www.aucklandmuseum.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	us-assets.i.posthog.com	www.aucklandmuseum.com
1	secure.quantserve.com	www.aucklandmuseum.com
1	snap.licdn.com	www.googletagmanager.com
1	code.jquery.com	www.aucklandmuseum.com
1	ajrctguoxo.cloudimg.io	www.aucklandmuseum.com
1	js.monitor.azure.com	www.aucklandmuseum.com
1	muse.aucklandmuseum.com	1 redirects
0	southeastasia-1.in.applicationinsights.azure.com Failed	js.monitor.azure.com
0	pixel-ssn.quantserve.com Failed	www.aucklandmuseum.com
0	px4.ads.linkedin.com Failed	www.aucklandmuseum.com
0	us.i.posthog.com Failed	js.monitor.azure.com
0	ad.doubleclick.net Failed	www.aucklandmuseum.com
0	14006051.fls.doubleclick.net Failed	www.googletagmanager.com
0	www.googleadservices.com Failed	www.googletagmanager.com
0	pixel.byspotify.com Failed	www.aucklandmuseum.com
0	analytics.tiktok.com Failed	www.aucklandmuseum.com
0	static.hotjar.com Failed	www.googletagmanager.com
0	ajax.aspnetcdn.com Failed	www.aucklandmuseum.com
70	28

This site contains no links.

Subject Issuer	Validity	Valid
aucklandmuseum.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-08-20` - `2025-08-15`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cloudimg.io DigiCert TLS RSA SHA256 2020 CA1	`2024-09-15` - `2025-09-17`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-26` - `2024-11-24`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.i.posthog.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.aucklandmuseum.com/discover/collections/search
Frame ID: F9554FB9BD2F48BF14326F6CD6F00BB3
Requests: 67 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.aucklandmuseum.com
Frame ID: 64FBFC0813C694975AA95C788DDC3916
Requests: 1 HTTP requests in this frame

Frame: https://14006051.fls.doubleclick.net/activityi;src=14006051;type=pagev0;cat=allpa0;ord=2233050504137;npa=1;auiddc=314137965.1731809395;ps=1;pcor=705369759;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bc0v9172987267z876826785za201zb76826785;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067554~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch
Frame ID: F22B427D37C7DE67E7B77EB88CABE349
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Search - Collections Online - Auckland War Memorial Museum

Page URL History Show full URLs

http://muse.aucklandmuseum.com/ HTTP 307
https://muse.aucklandmuseum.com/ HTTP 301
https://www.aucklandmuseum.com/discover/collections/search Page URL

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

70
Requests

79 %
HTTPS

100 %
IPv6

20
Domains

28
Subdomains

17
IPs

3
Countries

1300 kB
Transfer

3580 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://muse.aucklandmuseum.com/ HTTP 307
https://muse.aucklandmuseum.com/ HTTP 301
https://www.aucklandmuseum.com/discover/collections/search Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3226212&time=1731809395323&conversionId=17741452&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3226212&time=1731809395323&conversionId=17741452&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&tm=gtmv2&e_ipv6=AQJii-H_B9dYrgAAAZM34kMfiG-d2UbMJOeqJYjIL7eeyfFnSRasCSHFm8iIgQwdEiRfV2fNH7ajmZFkd0tsz4l2t6Dj

Request Chain 64

https://pixel.quantserve.com/pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1731809395806;tzo=-60;ogl=image.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fimages%2Faucklandmuseum%2Fam_logo_fb%252Epng%2Ctitle.Search%2Cdescription.%2Curl.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fdiscover%2Fcollections%2Fsearch%2Csite_name.Auckland%20War%20Memorial%20Museum%2Ctype.website;ses=e90a8e74-c9c7-4a94-8000-cc48bbb4c08f;d=aucklandmuseum.com;uht=2;fpan=1;fpa=P0-418334440-1731809395808;pbc=;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1731809395806;tzo=-60;ogl=image.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fimages%2Faucklandmuseum%2Fam_logo_fb%252Epng%2Ctitle.Search%2Cdescription.%2Curl.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fdiscover%2Fcollections%2Fsearch%2Csite_name.Auckland%20War%20Memorial%20Museum%2Ctype.website;ses=e90a8e74-c9c7-4a94-8000-cc48bbb4c08f;d=aucklandmuseum.com;uht=2;fpan=1;fpa=P0-418334440-1731809395808;pbc=;gdpr=0;mdl=;dip=4304ce82-0d5c-405a-8404-973db7a78390

Request Chain 68

https://www.google.com/pagead/1p-conversion/961485226/?random=1731809395138&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=1&sscte=1&ct_cookie_present=1 HTTP 302
https://www.google.com/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=2&sscte=1&ct_cookie_present=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbEC&eitems=ChAIgKLhuQYQ8re0vpXytqIHEh0A-j83lrtaPTMfDxSBmE8Wj65fXymSxV_GCARXTg&pscrd=IhMI5O_S7KTiiQMViImDBx0vNDVDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh9odHRwczovL3d3dy5hdWNrbGFuZG11c2V1bS5jb20vQlZDaEFJZ0tMaHVRWVFwSl9WeGVxZnNLZDlFaXdBRk5ZV1BFLUNNYl90b1VfclJUaU9ua3FDVDc5SmM5c19kNi0tdXRVcXh5anBlTW02c3VTSV9jbDlUZw HTTP 302
https://www.google.de/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=2&sscte=1&ct_cookie_present=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbEC&eitems=ChAIgKLhuQYQ8re0vpXytqIHEh0A-j83lrtaPTMfDxSBmE8Wj65fXymSxV_GCARXTg&pscrd=IhMI5O_S7KTiiQMViImDBx0vNDVDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh9odHRwczovL3d3dy5hdWNrbGFuZG11c2V1bS5jb20vQlZDaEFJZ0tMaHVRWVFwSl9WeGVxZnNLZDlFaXdBRk5ZV1BFLUNNYl90b1VfclJUaU9ua3FDVDc5SmM5c19kNi0tdXRVcXh5anBlTW02c3VTSV9jbDlUZw&ipr=y

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request search Show response
www.aucklandmuseum.com/discover/collections/
Redirect Chain

http://muse.aucklandmuseum.com/
https://muse.aucklandmuseum.com/
https://www.aucklandmuseum.com/discover/collections/search

76 KB
20 KB

1066ms
1049ms

Document
text/html

2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da56c4e2c68bb87a25f3f996a8ed75408cb47d087796d08eb5a8d2187743a482

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-expose-headers: Request-Context
alt-svc: h3=":443"; ma=86400
cache-control: private, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e3c2e664f3bd2ce-FRA
content-encoding: br
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
content-type: text/html; charset=utf-8
date: Sun, 17 Nov 2024 02:09:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFQmUNjP8FUT%2FEyU516jvpWiprYh725ENdJDhOATZzPMAs%2BSKJ2halFRNRenBxFYAirRASRYqylKAhqh3dg65CMPjY9T3rWb5c62dj7c5T7rYyDPQT6bqow6FA%2Fp%2BsKb7DsJ%2F2tvdEF3Dr1%2FdQJNALv7Vbc%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=34403&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5079&recv_bytes=4891&delivery_rate=1787&cwnd=12000&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1121&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552001; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8e3c2e65fee8d2ce-FRA
content-length: 167
content-type: text/html
date: Sun, 17 Nov 2024 02:09:53 GMT
expires: Sun, 17 Nov 2024 03:09:53 GMT
location: https://www.aucklandmuseum.com/discover/collections/search
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgAiBuzLbk48WEkHcekl5Ak321ASWr2knNEV6%2BsUG6DdDXITXEBB661EAfMIiN1WHDfKumOce%2BRR0jIlE88xVjaQa1f%2B863JfCcreQcqlQK8g%2FziqjvjtTAymi2mnDQpAInkHxasj%2BA7tchyfYlRNgfgYytU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 modular.css
www.aucklandmuseum.com/client/css/modular/ 52 KB
14 KB 66ms
64ms Stylesheet
text/css 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/css/modular/modular.css?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f7ed549a176ec35a88dbdfa01b9fa8df5380f8f096a99e1fc186ddd2b65cfa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 366189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyLv%2B2Z4G8Xlnl4bsdQ7Jcs2ujdRnvlhROMOJUg%2FEG1QjcTXQzDNPFGyUyo1JrBq%2FoN8RO4Ffj7Fp79vdwsVAsABqMOW8IieaX8ScMA620SWuMtYyD6FdfKL9aFmbBFF2VoaJ77VHE6907vy1IP5C57HqLk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=43&recv=26&lost=0&retrans=0&sent_bytes=32126&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1189&x=1", cfHdrFlush;dur=22
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0dadd2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11999
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 style.css
www.aucklandmuseum.com/client/css/aucklandmuseum/ 147 KB
46 KB 40ms
37ms Stylesheet
text/css 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/css/aucklandmuseum/style.css?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8495a01b1aeccf3721b9dbd620535e3004cc3e7715dbc02f62d3d8c888a78b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KW4vZ4tHDbuA7YqZNwoNwE0Lo%2FiPaleFmEh9cz39MP4BiZSnqUA6jzK9Pnan%2FjtQ1vMOuBCRNRUI9PqtIMQB75nzDnTf167epcgos3g6Y0Z9Jd7O3TDmYDRpOS0wvpc8EVqnpeA2ehqn8l8EbYK%2FdyHoc2Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=31&recv=26&lost=0&retrans=0&sent_bytes=18926&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1186&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0daed2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44854
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 modernizr-touch.js Show response
www.aucklandmuseum.com/client/javascript/aucklandmuseum/lib/ 2 KB
4 KB 89ms
86ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/javascript/aucklandmuseum/lib/modernizr-touch.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

948a03385916b9434ce202dcd47ed32c5477be0c7c0a46335ebc2f1d0fde085f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f7VSvtwsysaSvsV8i%2FS67mxz6LN23ZpAjJuXYz5HZ8yQmx7ttZSVOTZQFMZcRTzxwGALdEE2cdPade2HxTbmdPc49Jx9RlF%2F8mWTs9tXYj%2BsoD3cg83HOJlpOKHrwplmuic5BAeqEDe3Xn0gyaTUHB55YDk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=43&recv=26&lost=0&retrans=0&sent_bytes=32126&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1187&x=1", cfHdrFlush;dur=24
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0dafd2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1559
x-xss-protection: 1; mode=block
server: cloudflare

GET WebForms.js
ajax.aspnetcdn.com/ajax/4.6/1/ 0
0

GET
H3 200 lazysizes.min.js Show response
www.aucklandmuseum.com/client/ 8 KB
6 KB 96ms
94ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/lazysizes.min.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgYq4eIQgiZtLJnX5j4%2FkhEKVjPG3VQ8jEJJ98%2BY3PqIxfCbae8SDLScHFq1xzK74eBCgDb4g65Y1X2JI7zwTy74EotrwJVROFW8KSzR7dWvKjXw5f%2B6Sbaz73Sd5aZTKvOqG5OIgi6o6qCgC2QmbV9ID5Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=43&recv=26&lost=0&retrans=0&sent_bytes=32126&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1194&x=1", cfHdrFlush;dur=17
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0db0d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4240
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 js-cloudimage-responsive.min.js Show response
www.aucklandmuseum.com/client/ 43 KB
19 KB 113ms
111ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/js-cloudimage-responsive.min.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882a793ae4dd5578a64f567e78f6b5738b1aa8a9c1aadbe3e9a3b651654fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdfgND%2B7GkGmiKK9rCLs40%2Fqx9qExt8LXLc9Ecn1R4GZtE0XbvhUFb5uFCe7%2BdxVmbhCopJfnmeAaX6BVf8ViQPwxy%2Fk5y%2BW3tPd49YAPg1z2IosBukGdpIypJjL3%2Bfeae6O6VIsHAFpr7zammRoXdzraqs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=43&recv=26&lost=0&retrans=0&sent_bytes=32126&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1188&x=1", cfHdrFlush;dur=23
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0db1d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17560
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ScriptResource.axd Show response
www.aucklandmuseum.com/ 87 KB
36 KB 782ms
780ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/ScriptResource.axd?d=qph9tUZ6hGPLbkznkRkqTZoeKP4zvyrv7Hnt-DQTh-UaGLj3myTWwI16KdpIqeGCu3jveyJJpWZKFUZT_UL_3gt001M3HL1KlXwXG2D85xpk_atG0&t=7c776dc1

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boGGB7xbYMktrx1GoPgoI4Kq25urxB%2F%2BqTzIZEzjd8lco8w1eVdd%2F1NJ%2BgSduEDD40aKUWGkRPi6OG6kSe77zHVkoXAoduHVOqW%2FnjCgmti4ALGL7MU63tegpTy87591GJmPzHV8k6%2BUv8%2BEQMtiVawVpeU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 18:57:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27714&sent=377&recv=110&lost=0&retrans=0&sent_bytes=397678&recv_bytes=21077&delivery_rate=231809&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1925&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:57:34 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0db2d2ce-FRA
access-control-allow-origin: *
content-length: 35037
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ScriptResource.axd Show response
www.aucklandmuseum.com/ 36 KB
14 KB 781ms
779ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/ScriptResource.axd?d=TvpD2YGOOsCm1yWcLkKnBRGobAjOaeoRoQuRJa6umjyuPM-QH94hi5sMzHDo_ie6T8BmHKtg88PZ2SrTlKqJ9Wx_KEBYptgaubTcXZ5ueKFWfTk20&t=7c776dc1

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoYxzMW2vAMDk17BYqJ79baB77T4951%2BUV%2BXJY2smU1lzx9%2Fyfjtj5CzHxvGKisjXfvgpSJcbUS%2FOQ%2FK3ccJCHqd5BlDoFbOlPIv8a9NRQ4ctuZ%2FXyGm1oIa35%2BnWM1dbVxaF5wSuA%2B1ML%2BLBmHCc9wcrmU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 18:57:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27714&sent=367&recv=110&lost=0&retrans=0&sent_bytes=385678&recv_bytes=21077&delivery_rate=231809&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1924&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:57:34 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0db3d2ce-FRA
access-control-allow-origin: *
content-length: 12643
x-xss-protection: 1; mode=block
server: cloudflare

GET Focus.js
ajax.aspnetcdn.com/ajax/4.6/1/ 0
0

GET
H3 200 am-logo.svg
www.aucklandmuseum.com/Client/IMG/Modular/ 755 B
2 KB 112ms
110ms Image
image/svg+xml 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aucklandmuseum.com/Client/IMG/Modular/am-logo.svg

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b388e733f0af2b17dd1bd41d2c776079e40aaf5efad3a2c0b62efd78d4a1e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGXHLZao0kvPzhB9xDSnn1admo96EWSoeQAIe8nR6jNxRaT0t4V5O0ev52s9ZQFpoBnJivWhf0jFFsmlo4tlkANkILfg58fyVrPokbLgxCEYqQIZY6gnTWi68Q4hh2nmnbArGxuClqxgYHyKg2VITuPu%2BkM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30738&sent=43&recv=26&lost=0&retrans=0&sent_bytes=32126&recv_bytes=8937&delivery_rate=415698&cwnd=13200&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1191&x=1", cfHdrFlush;dur=20
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6d0db6d2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
120 KB 115ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ce6ae3715497bf2a26cc1fe4767936196c604a36906b1f96d484c1a3fa4005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 17 Nov 2024 02:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122040
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 print.css
www.aucklandmuseum.com/client/css/aucklandmuseum/ 3 KB
4 KB 38ms
36ms Stylesheet
text/css 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/css/aucklandmuseum/print.css?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f856a76ea6ebe60d818ae4a697420b8b1a5704dbac3d714260dd844017fdd60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZPwcTeyTYjhJTPK6asVtDtJII%2FLiB4lUP9gtprmBJp5iWy5embXZQbtts1F6JnENw40nobdsIFbpYPUw64cxlTDXU7TKZpGzXSzitD3hR4kIpwn%2Fy5D2XLIfHB4ar6FvzH6NnhuUahC1Pln%2F5Dysq%2FMpro%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24760&sent=117&recv=60&lost=0&retrans=0&sent_bytes=114314&recv_bytes=11282&delivery_rate=1205343&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1284&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dae45d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1564
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
57 KB 185ms
44ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.aucklandmuseum.com
Referer: https://www.aucklandmuseum.com/

Response headers

x-azure-ref: 20241117T020954Z-15f56cb949cmx6zchC1FRA6fz400000001w000000001ce7b
cache-control: public, max-age=1800, immutable, no-transform
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 33e2be24-f01e-0042-2eed-3694c1000000
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
access-control-allow-origin: *
x-cache: TCP_HIT
x-ms-meta-aijssdkver: 2.8.18
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 20 Mar 2024 17:31:27 GMT

GET
H3 200 gotham-narrow-ssm-400.woff
www.aucklandmuseum.com/client/css/aucklandmuseum/fonts/ 34 KB
36 KB 37ms
36ms Font
application/font-woff 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/css/aucklandmuseum/fonts/gotham-narrow-ssm-400.woff

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/client/css/aucklandmuseum/style.css?4900

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3dc20692b3a194b198aea7caaf241ec9bc00041263117de7542be4c1210e7ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.aucklandmuseum.com
Referer: https://www.aucklandmuseum.com/client/css/aucklandmuseum/style.css?4900

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 456243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHnZn9B0j07iFrcR1%2BtH4v7DTeVq1kY%2FhLmpY8Qn8ZZNAFNbrR6IoV%2FcGxPQHKc%2FzAXiXty1lJz8JOAOpo5FpOO5RdS2kFRTq%2Fh%2Bik6xbc0RHb1%2FgXJ3GBKWfsL%2BSI9K7q6aUEoTwVGN%2B806hfIqHMpsSpk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24529&sent=121&recv=65&lost=0&retrans=0&sent_bytes=118063&recv_bytes=11506&delivery_rate=1451918&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1290&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/font-woff
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dae4bd2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 search-white.svg
www.aucklandmuseum.com/Client/IMG/Modular/icons/ 473 B
2 KB 42ms
41ms Image
image/svg+xml 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aucklandmuseum.com/Client/IMG/Modular/icons/search-white.svg

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6da0ef0d5cb4c7b0a9e7ba7bb244bb4ba806f5ed07f5477fb1ce34a4c0bbbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 56232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFpxp%2Bmwe4g5L%2Be5upu1D%2BC3maem6eDPwEEAPInKcR5uWd67x4tXKXEW8FjEx3%2FkuGbX8FFcb1WmwoeasNmqgF1Nr82Fs%2FoIT%2FBqfVxC27rDaIm%2Bx6BC4hnWEV9zgfqhykXcDdpc%2FSQ2FMK0RLVHKs81Q%2FE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=165&recv=88&lost=0&retrans=0&sent_bytes=162435&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1340&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dfe90d2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 close-white.svg
www.aucklandmuseum.com/Client/IMG/Modular/icons/ 226 B
2 KB 47ms
43ms Image
image/svg+xml 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aucklandmuseum.com/Client/IMG/Modular/icons/close-white.svg

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b156770ac5e9b69e41b6e2f23f9ad6e4399daa59e48dea29cbbb5338a7ae00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTfzM2rp%2FTABInNLvjugqAXc4BUcocLFDp2ckrjtnkYtiKgf%2F2kGCzL0gEhoRqFnyg0uO1lkRT5f8ZoefzJi9wk%2FXcDssWMFot0z%2F7wU5KN%2BazJYau8QAlkzOvWB7z3wG1iPqhmsdSXub%2B%2F0TvqITqjf7TY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=168&recv=88&lost=0&retrans=0&sent_bytes=164867&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1342&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dfe97d2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 menu-white.svg
www.aucklandmuseum.com/Client/IMG/Modular/icons/ 149 B
2 KB 46ms
40ms Image
image/svg+xml 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aucklandmuseum.com/Client/IMG/Modular/icons/menu-white.svg

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d512b06ff52a3f7939d980239249dfdcab98d40fae2ec0068798a3701aac1b4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FfhFIKDuCfTQhAScINyiZ1w8%2Ft3DO%2Bk4nf94wux%2FUvmamZbxULJnTJUZ8sr2gk0jKw1IHYgwp7rTBD1S459D%2Bhb5MMcSUlDjfayF87JRX5hB2iR2QNHiBuI7USCeIVnr7RMDqA6cnoJm7mtnoBcoWmhrIE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=171&recv=88&lost=0&retrans=0&sent_bytes=167186&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1342&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dfe9cd2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 close-black.svg
www.aucklandmuseum.com/Client/IMG/Modular/icons/ 214 B
2 KB 55ms
48ms Image
image/svg+xml 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aucklandmuseum.com/Client/IMG/Modular/icons/close-black.svg

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acf565b75f5edc8987503d6714415019db979f7090966c4ebdb5be1ae68bfa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: br
cf-cache-status: HIT
etag: W/"0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJj7ShPCHk%2Fej4FrLBnRYeEZy9M3gwVJuLqXimvT%2F8Nu7oLiKcQsrcvIVX1XjMBaOn8rcvMU2ZFQv6E9G9azCzf%2FZfDnPMmEAzVLP2uIEEp%2BcYUT5vJSR9hXKxNYtS3bpEVyojiPVSTUoEgovG5Ys3mcxTM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=174&recv=88&lost=0&retrans=0&sent_bytes=169471&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1347&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: *
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6dfea0d2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
995 B 105ms
38ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=EndRequestHandler&render=explicit

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

940e03220d5dd2850dd026dcc8a4a9100bd22dae2f158c35095caa16bab28144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 02:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 17 Nov 2024 02:09:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 https%3A%2F%2Fstaging.aucklandmuseum.com%2Fgetmedia%2F542fff9e-e673-4fbc-98df-102206db353d%2FAuckland-Museum-Membership-Clearcut
ajrctguoxo.cloudimg.io/v7/ 32 KB
33 KB 202ms
52ms Image
image/png 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajrctguoxo.cloudimg.io/v7/https%3A%2F%2Fstaging.aucklandmuseum.com%2Fgetmedia%2F542fff9e-e673-4fbc-98df-102206db353d%2FAuckland-Museum-Membership-Clearcut?ci_url_encoded=1&force_format=png&org_if_sml=1&func=cropfit&gravity=face

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

007763b87fc3c1e59ecbb6eaf5d54a801f8a74869dc035dbb5794475eae5dd82

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

x-hexa-originusedcode: 200
etag: "1285404014"
x-hexa-initwait: probably_cached, first_req 1104977s ago, no_wait
x-hexa-flowtrace: AnRo<200:PNG>Rr<ok1>M[0]R
access-control-allow-methods: POST, GET, OPTIONS
x-origin-visibility: OV_NORMAL_FILE
x-resource-status: cached_resized
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: image/png
x-hexa-masterrefresh
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
cache-control: public, max-age=2542468, s-maxage=2592000
timing-allow-origin: *
akamai-request-bc: [a=23.54.207.47,b=14696189,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-origin: *
x-debug-original-url: /v7/https%3A%2F%2Fstaging.aucklandmuseum.com%2Fgetmedia%2F542fff9e-e673-4fbc-98df-102206db353d%2FAuckland-Museum-Membership-Clearcut?ci_url_encoded=1&force_format=png&org_if_sml=1&func=cropfit&gravity=face
content-length: 33154
x-xss-protection: 1
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: C080_241116122358_a172f_JSjZ#350y

GET
H3 200 GetCSS.aspx
www.aucklandmuseum.com/CMSPages/ 29 KB
7 KB 234ms
229ms Stylesheet
text/css 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/CMSPages/GetCSS.aspx?stylesheetname=DynamicFooter

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f42bd54149cbd50a46b415f833bdd0ba690b829feb531b5d00db99685508d5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "cssstylesheet|5e4e0c03-8c10-4630-b49c-1f589156dca8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAF75Du%2FsR9sjUDaV81CXH%2BXibf%2Ff2KtLsTxZKgvixoto6vw3xHqdRx6dEGhOHhaNARZjD035qTFLrtBVDvd6OVEzRxAMEBAhWJ7xr0%2FCvoqOwxHq96lCWOOKw9bMguNFHK1KLIk5%2BOfSJmImlw9siyGJeE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 02:09:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27957&sent=360&recv=109&lost=0&retrans=0&sent_bytes=378200&recv_bytes=21032&delivery_rate=3269723&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1536&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 29 Aug 2022 23:22:41 GMT
vary: Accept-Encoding
content-disposition: attachment; filename="DynamicFooter.css"
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0ea6d2ce-FRA
access-control-allow-origin: *
content-length: 5094
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GetResource.ashx Show response
www.aucklandmuseum.com/CMSPages/ 1 KB
3 KB 788ms
782ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/DynamicFooter/reactscripts.js

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40b38fb762963adbe977f0fb3108492307547862dca4b41b5149c4c9ddfc8b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "file|10/30/2024 11:38:56 AM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cuM6fE8lUcZvMoyFnr3pojAq%2BK4CTaodOLF2WrYstYH1AJ70w2FIR0PfF90PFBjU2HUrYbHUEN82xrb1B3RaoDlufXk3dSZF%2FewC9%2FhC6%2FY22Fbzzzyx9kJ%2Bq5UXifR5FSacdilO2bDcZ%2FBqRh6RiVNu%2F8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28839&sent=394&recv=113&lost=0&retrans=0&sent_bytes=416874&recv_bytes=21210&delivery_rate=1012508&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=2089&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:56 GMT
vary: Accept-Encoding
content-disposition: attachment; filename="reactscripts.js"
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0ea9d2ce-FRA
access-control-allow-origin: *
content-length: 938
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GetResource.ashx Show response
www.aucklandmuseum.com/CMSPages/ 165 KB
69 KB 794ms
788ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/DynamicFooter/2.chunk.js

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4eaf7c5c3c62a91b28bd5d4aa8475a44a18ffd185dec3698579dbb95579a5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "file|10/30/2024 11:38:56 AM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJxTGG3DnyT8w25hXyiIa4tkulRmiYQIrXNk7mylYnyPNNxJ1BWmccOU0B4RbeM9jE8w3FBmJUqr85gj%2Ffu%2BKY6TDHLSyyrBYPAjn9i%2FFe5QgmKS70A8RqZ6o4sqoxIOBiCSYb8uTEtSmTytKktBjLmjvHA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28839&sent=397&recv=113&lost=0&retrans=0&sent_bytes=420068&recv_bytes=21210&delivery_rate=1012508&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=2095&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:56 GMT
vary: Accept-Encoding
content-disposition: attachment; filename="2.chunk.js"
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eabd2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GetResource.ashx Show response
www.aucklandmuseum.com/CMSPages/ 31 KB
11 KB 863ms
857ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/DynamicFooter/main.chunk.js

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f75e5016869b213eeef1ab4af4086f24a5a74de067e0e365a6d4eb73165cc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "file|10/30/2024 11:38:56 AM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01fXD1Tla8W6CgmjJq5bYsrcCTSBnVk7V55cCghVWyIqObdsS2b%2Bcvk4idmjr6GSL1lwZA%2BXpxJAJxfAm%2BDs9hFk2pf5ia1Ljl8YaOgCSlBOhBmYGx6oH%2BNVsOAo1Vi9Wv%2BkCpYZrAo7s2m%2F7tQPaeXQFcc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27734&sent=430&recv=117&lost=0&retrans=0&sent_bytes=458003&recv_bytes=21389&delivery_rate=1306499&cwnd=146700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=2162&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:56 GMT
vary: Accept-Encoding
content-disposition: attachment; filename="main.chunk.js"
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eadd2ce-FRA
access-control-allow-origin: *
content-length: 8725
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 108ms
25ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.aucklandmuseum.com
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-14e4a"
age: 1800065
x-cache: MISS, HIT
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 0, 121162
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21935-LGA, cache-fra-etou8220022-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1731809395.957420,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29811
server: nginx

GET
H3 200 main.min.js Show response
www.aucklandmuseum.com/client/javascript/aucklandmuseum/min/ 168 KB
68 KB 71ms
66ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/client/javascript/aucklandmuseum/min/main.min.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82845e0d281e04a8cc40462e692d5e9b64a6d682a5eb88034db6d375a7144d36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 366188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuWPls9QLjQXzgtJW7L%2BGdU%2FxdchMiWdzJVzO6roecfxZjDclKSk1whnLqzO5a5M3sLDi727z82ol6ARRYDGuh%2Bp4KEo%2BaDn5BPG8%2B99jNTmzrsoA9aNHb7nryh3hvj7UpkUOuUtn6k819eZGPVvlYnXgSk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=220&recv=88&lost=0&retrans=0&sent_bytes=219135&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1351&x=1", cfHdrFlush;dur=23
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eaed2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 stickyfill.min.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 6 KB
5 KB 52ms
47ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/stickyfill.min.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b608be012b96fc0c17371624bc3c86185350749086e18894a4c61f3b38429c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oi4mnFR4TfPkBIhryzrd9hm287UBOmvmnKGx%2BKtoK%2B4u8qTerc8t9itNoHUprFZOHCsb4BHcpDLva%2BfQbU%2Fc7xxEpZDmTNK9iKiXNqh2xR9qeMv%2FKmuu6paMfin%2FY%2FMG1fShAXqchGRHTZz2kGRDQLMpagM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=189&recv=88&lost=0&retrans=0&sent_bytes=183388&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1349&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb0d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2505
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 frame.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 697 B
2 KB 50ms
45ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/frame.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bcd89cf32426d8e3961a73376cc2e999ea28e344596bece26c1b202b20ff80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHKVfGcX%2F5Oy7VJFzou75eRhrXFmpDBjWnvXIqZu0NScBf9c6cSQDFQbd3SpCQJbR5Kh3j5f8%2F4oOlCfyDTTZWvhPhoY2Qzn4%2FweLBADLJdsWT4M1shgXbxm5hQT7ob%2FgvlEd2e%2F9lI6axuKw4zz1KGDfr8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=177&recv=88&lost=0&retrans=0&sent_bytes=171778&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1347&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb2d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 435
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery.fancybox.pack.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/fancybox/ 23 KB
12 KB 73ms
68ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/fancybox/jquery.fancybox.pack.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jIf2pkDYaN0%2FMLyiS%2FXYHxfJtiyHwkLBVMBet%2Bd4t%2BKxomFgzjcELnBlY%2BwO%2Fa3A2PTTWS2n1yZeVCVhD0TuSTVeepCuJjeMqJXp%2B6eMla6LVw85R5%2FofulPHJiyIUAD8g9N%2BvSxnCt309N%2BUeF%2FMtUTxQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=220&recv=88&lost=0&retrans=0&sent_bytes=219135&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1351&x=1", cfHdrFlush;dur=23
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb4d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10653
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 owl.carousel.min.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 43 KB
17 KB 73ms
69ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/owl.carousel.min.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4L3SSy5fjoEL5elPkTvWYDBWwIJ%2FVS0RkCXLMgb2FY9fpBLvUsoAaYJdPza%2BfO%2FaWBjrjYOvU36kxa9V1U6hAztgP024Fbp0O%2Bvf2Z%2FXH4LvhJ7Si2ntIgyqZH49EOuyZAY6mOutWTQtBKBdE6GM%2Fw3BPY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=193&recv=88&lost=0&retrans=0&sent_bytes=188104&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1350&x=1", cfHdrFlush;dur=24
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb5d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15056
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 gallery.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 260 KB
79 KB 51ms
47ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/gallery.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ceb17a2d31001066e003a09ac802dcfaa176e9d0406add8d2576f31bbf24a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HM%2BzHXeFyrcCNcFeO%2B0ywj0YGuQAQ6tH%2F2tnLi2rxVcFRHeg2pH8kS%2F9WjH8UsYO59TSIwUukYUNzlM03qLKkRtm0oMOnaU9Kz5PDY0DGOICbFJxeLNuuIiOlg3vFkGAJDfNTT6ZXPEyz43b0RptY1XKmMw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=193&recv=88&lost=0&retrans=0&sent_bytes=188104&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1350&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb7d2ce-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 owl.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 3 KB
3 KB 50ms
46ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/owl.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19c48a194bc9895cd80e49c54dd83e321999061a4497565da97852921f621d2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJy9E1hgmBiLim8NPvW0ylIFPp%2B1k4M277ZZezNEqPTFg5ElkxI40fDLxSIiXS5ENbFI5krFMySdtFuWipU5YaSwcgQXlwqTq2KN2K%2F7C8%2BIX7%2B5TAHh09oTVLQvJ89XE3b93gjp6iCp%2B00xsxjBmN0x9Bs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=180&recv=88&lost=0&retrans=0&sent_bytes=174397&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1348&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb8d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 539
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sticky-nav.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 4 KB
3 KB 51ms
47ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/sticky-nav.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a0a4733a6c67fa0fdbc501af9ed1342649e41f6182a3eef26886be807cf732

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 75230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4qNZzLCgdvNGcFpEjvkQfUtZnP7yY2zkyIdHavaPCUOnJEOatdp7KgEogGuqtMjNirNKvnQnw3C72nK6cPETPPgVG2ObCMzLclJKJR1Lvy4IdGcqKsreeT2CduJ7ZMezv7x%2ByL3N%2F8JzVuTxIaG32L1Khg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=183&recv=88&lost=0&retrans=0&sent_bytes=177120&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1348&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0eb9d2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1232
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 header.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 10 KB
5 KB 51ms
48ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/header.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afecf1092b63d89d4e1cd9acd0ff2176889b00b7d1f23539f6352cba0354bc1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 456663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxxz%2FoBNTePc68x5kZfiBu0nabKN0WeJu7WtvygZSbMMCc6pcrtDzCsoNCM7uIMrneFRa4kTjeLCNJXjXHb9YgDOHsOytUQZXUvjUIppIzHecSV5CDb4%2BMqTYhhhdtZGkG7RyZjxpibvUpQhl4l6fzARKJg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=189&recv=88&lost=0&retrans=0&sent_bytes=183388&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1349&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0ebad2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2963
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 breadcrumbs.js Show response
www.aucklandmuseum.com/Client/Javascript/Modular/ 1 KB
3 KB 52ms
48ms Script
application/x-javascript 2606:4700:20::ac43:448c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aucklandmuseum.com/Client/Javascript/Modular/breadcrumbs.js?4900

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:448c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4705d5a8043cce198449136e7c88355c9c3075ef4260172cddee410fa1f575

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/discover/collections/search

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: HIT
etag: "0adb957532adb1:0"
age: 371647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuyJvAmUuqKfwbkcVZ6QrZ6jTawncxgOxSSGmErOwlWrvU9Rx7pPKb8yTH6BtlpQIzylwu3jjeXobWAPkRNKnFPx5kzc7uYQVatC%2BXRpW8LxDbDmmvErFluc7zWJck8K6f4AbGOKHCwI8CXIw5%2BYd8JNdzE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24534&sent=186&recv=88&lost=0&retrans=0&sent_bytes=180531&recv_bytes=20085&delivery_rate=1224208&cwnd=56700&unsent_bytes=0&cid=f5e9d3ce80b13bc0&ts=1348&x=1", cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sun, 17 Nov 2024 02:09:54 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 22:38:58 GMT
vary: Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem * 'unsafe-inline' 'unsafe-eval' https://*.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com; style-src 'self' data: 'unsafe-inline' *.aucklandmuseum.com ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io *.google.com *.googleapis.com *.jotform.co *.jotfor.ms *.twitter.com *.twimg.com *.riddle.com; img-src * 'self' data: *.aucklandmuseum.com ajrctguoxo.cloudimg.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; font-src 'self' data: *.gstatic.com *.jotform.co *.hotjar.com; connect-src * 'self' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://*.google.com; worker-src * https://*.google.com blob:; frame-ancestors * 'self' https://*.google.com; form-action * 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:4c11c3a7-5700-49d2-97c7-0c0a9e98c4f7
cf-ray: 8e3c2e6e0ebcd2ce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 675
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 34ms
33ms Ping
text/plain 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&scrsrc=www.googletagmanager.com&frm=0&rnd=421153299.1731809395&auid=314137965.1731809395&npa=1&gtm=45He4bc0v76826785za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&tft=1731809395027&tfd=1509&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 419 KB
134 KB 56ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q1608KR6QQ&l=dataLayer&cx=c&gtm=45He4bc0v76826785za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3229f01f6118560f6cff7b5be1e20b8dd425fe191dd57fa883640ca97d3e5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136605
x-xss-protection: 0
server: Google Tag Manager

GET hotjar-2376861.js
static.hotjar.com/c/ 0
0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 257 KB
91 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-302428441&l=dataLayer&cx=c&gtm=45He4bc0v76826785za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c0f1d1bb22fb5007a47afac5a7360ea9f922940a0e4db2739eda5c3598197d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93158
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-961485226&l=dataLayer&cx=c&gtm=45He4bc0v76826785za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a15b57f22aa6f23769ffa74d9788bbdcfcd5c8606bc3e9c91b0c64985afd7b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93743
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14006051&l=dataLayer&cx=c&gtm=45He4bc0v76826785za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c20c0133bb5f841413a99fdb08e7390e6200243ec1b27d098f30aef3a4a3dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 02:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84802
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 66ms
30ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ffAkx2Xw' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ffAkx2Xw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: hMarxIRVrdQpH4bW4sQNGK8Twa91HwxN0vjjmM3RJipPPgv1sGA2Qrg6EFFhSKCR5o/zUW6EhwCTQOpKab0bmA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 163ms
40ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: max-age=24516
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sun, 17 Nov 2024 02:09:55 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 116ms
30ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Sun, 24 Nov 2024 02:09:55 GMT
accept-ranges: bytes
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/javascript
vary: Accept-Encoding

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET
H2 200 array.js Show response
us-assets.i.posthog.com/static/ 167 KB
59 KB 100ms
33ms Script
text/javascript 2606:4700:10::6816:3ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/array.js

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

432b7e667063ce9fa3b07c878c13bd75b558a2ce3c5a7da601b7789b0d3978aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 4
age: 69
cf-cache-status: HIT
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e3c2e6f7d7cdba7-FRA
access-control-allow-origin: *
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Sat, 16 Nov 2024 15:31:47 GMT
vary: Accept-Encoding
server: cloudflare

GET ping.min.js
pixel.byspotify.com/ 0
0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 64FB 0
0 84ms
27ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.aucklandmuseum.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9LBT2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 29778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 17:53:37 GMT
expires: Sun, 16 Nov 2025 17:53:37 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET /
www.googleadservices.com/pagead/conversion/961485226/ 0
0

GET
H3 200 927997600911227 Show response
connect.facebook.net/signals/config/ 82 KB
16 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/927997600911227?v=2.9.177&r=stable&domain=www.aucklandmuseum.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a9d075bad8740a13aef1cedc4a9e91e5422bd172120b89ba2649c8dd63f31ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-u0R4Zgc0' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-u0R4Zgc0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=77, mss=1232, tbw=71049, tp=68, tpl=0, uplat=106, ullat=0
pragma: public
x-fb-debug: WT12arUt/RdLU0DuwOgfTF0+WnY4p8/ouyHiIe1uX4mXljarp4rhWjy+cYXidSUZhPZOJc5XHq5fWklj6nPsuw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET activityi;src=14006051;type=pagev0;cat=allpa0;ord=2233050504137;npa=1;auiddc=314137965.1731809395;ps=1;pcor=705369759;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bc0v91...
14006051.fls.doubleclick.net/ Frame F22B 0
0

GET activity;register_conversion=1;src=14006051;type=pagev0;cat=allpa0;ord=2233050504137;npa=1;auiddc=314137965.1731809395;ps=1;pcor=705369759;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 110ms
37ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q1608KR6QQ&gtm=45je4bc0v898597397z876826785za200zb76826785&_p=1731809394725&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=990808051.1731809395&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1731809395&sct=1&seg=0&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&dt=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1748
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.aucklandmuseum.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
559 B 116ms
36ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q1608KR6QQ&cid=990808051.1731809395&gtm=45je4bc0v898597397z876826785za200zb76826785&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q1608KR6QQ&l=dataLayer&cx=c&gtm=45He4bc0v76826785za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.aucklandmuseum.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 79ms
39ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q1608KR6QQ&cid=990808051.1731809395&gtm=45je4bc0v898597397z876826785za200zb76826785&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=1577626875

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 02:09:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST /
us.i.posthog.com/decide/ 0
0

GET
H2 200 rules-p-hBBM68Exb36my.js Show response
rules.quantcount.com/ 4 KB
2 KB 515ms
445ms Script
application/javascript 2600:9000:211e:6a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-hBBM68Exb36my.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e6e74e0a9257959f9c5527791ccba78cda7ad06977b0612bbb52697f20fbfdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: gzip
etag: W/"4a3782058e973fd3f861c8bb175e9343"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: EeZTrnTCNb4T2iCt0D1w3m2C9r9tjBSLE-FHStz3xz18iJo05Do4qw==
date: Sun, 17 Nov 2024 02:09:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 01 Jul 2021 03:04:20 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
706 B 276ms
179ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aucklandmuseum.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D88E6A43EABA44E2B62E71D7115B377F Ref B: FRAEDGE1722 Ref C: 2024-11-17T02:09:55Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYnEkvV+CE5B2Ll7MZ/zg==
x-li-proto: http/2
access-control-allow-origin: https://www.aucklandmuseum.com
x-cache: CONFIG_NOCACHE
date: Sun, 17 Nov 2024 02:09:55 GMT
vary: Origin

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 75ms
37ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q1608KR6QQ&gtm=45je4bc0v898597397za200zb76826785&_p=1731809394725&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=990808051.1731809395&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1731809395&sct=1&seg=0&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&dt=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&en=page_view_collections_online&_et=4&tfd=1784
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.aucklandmuseum.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/plain
server: Golfe2

POST /
us.i.posthog.com/e/ 0
0

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 204ms
137ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3226212&time=1731809395323&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&conversionId=17741452&tm=gtmv2
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.aucklandmuseum.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000627124bd599d65a69ad10afe08ba7
x-msedge-ref: Ref A: 6F9ED786709A4668A31DE2C3854918E4 Ref B: FRAEDGE1813 Ref C: 2024-11-17T02:09:55Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYnEkvVmdZaaa0Qr+CLpw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: application/json
access-control-allow-headers: *

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3226212&time=1731809395323&conversionId=17741452&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3226212&time=1731809395323&conversionId=17741452&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&tm=gtmv2&e_ipv6=AQJii...

0
0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 80ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=927997600911227&ev=PageView&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&rl=&if=false&ts=1731809395334&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731809395332.559199435253725363&cs_est=true&ler=empty&cdl=API_unavailable&it=1731809395178&coo=false&tm=1&rqm=GET

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4509, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
201 B 208ms
175ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=927997600911227&ev=PageView&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&rl=&if=false&ts=1731809395334&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731809395332.559199435253725363&cs_est=true&ler=empty&cdl=API_unavailable&it=1731809395178&coo=false&tm=1&rqm=FGET

Requested by

Host: www.aucklandmuseum.com
URL: https://www.aucklandmuseum.com/discover/collections/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438064714882329050"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4b3a24dd8f547c6a","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["7852380931485764"]},"debug_reporting":true,"debug_key":"3837367138053132309"}
date: Sun, 17 Nov 2024 02:09:55 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438064714882329050", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: /EDCAkD4kLt+VIfpmZC22uyt/qWcd+/oqpZLwK8ai5ZsAnXhxfXj5tbhLjPHEz6VbYMscyAfm2DNvX3DBPtVcQ==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4877, tp=13, tpl=0, uplat=147, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET

pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns=0;ce=1;qjs=1;qv=6cdb9339-2024110...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns=0;c...
https://pixel-ssn.quantserve.com/pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns...

0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 47ms
45ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q1608KR6QQ&gtm=45je4bc0v898597397za200zb76826785&_p=1731809394725&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=990808051.1731809395&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1731809395&sct=1&seg=0&dl=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&dt=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&en=scroll&epn.percent_scrolled=90&_et=29&tfd=6785
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.aucklandmuseum.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 02:10:00 GMT
content-type: text/plain
server: Golfe2

OPTIONS track
southeastasia-1.in.applicationinsights.azure.com//v2/ Frame 0
0

POST track
southeastasia-1.in.applicationinsights.azure.com//v2/ 0
0

GET
H3

200

/
www.google.de/pagead/1p-conversion/961485226/
Redirect Chain

https://www.google.com/pagead/1p-conversion/961485226/?random=1731809395138&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=...
https://www.google.com/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syp...
https://www.google.de/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syph...

42 B
0

70ms
68ms

Fetch
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=2&sscte=1&ct_cookie_present=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbEC&eitems=ChAIgKLhuQYQ8re0vpXytqIHEh0A-j83lrtaPTMfDxSBmE8Wj65fXymSxV_GCARXTg&pscrd=IhMI5O_S7KTiiQMViImDBx0vNDVDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh9odHRwczovL3d3dy5hdWNrbGFuZG11c2V1bS5jb20vQlZDaEFJZ0tMaHVRWVFwSl9WeGVxZnNLZDlFaXdBRk5ZV1BFLUNNYl90b1VfclJUaU9ua3FDVDc5SmM5c19kNi0tdXRVcXh5anBlTW02c3VTSV9jbDlUZw&ipr=y

Protocol

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.aucklandmuseum.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 02:10:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/961485226/?random=1605356544&cv=11&fst=1731809395138&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=2&sscte=1&ct_cookie_present=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbEC&eitems=ChAIgKLhuQYQ8re0vpXytqIHEh0A-j83lrtaPTMfDxSBmE8Wj65fXymSxV_GCARXTg&pscrd=IhMI5O_S7KTiiQMViImDBx0vNDVDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh9odHRwczovL3d3dy5hdWNrbGFuZG11c2V1bS5jb20vQlZDaEFJZ0tMaHVRWVFwSl9WeGVxZnNLZDlFaXdBRk5ZV1BFLUNNYl90b1VfclJUaU9ua3FDVDc5SmM5c19kNi0tdXRVcXh5anBlTW02c3VTSV9jbDlUZw&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 02:10:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/4.6/1/Focus.js

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2376861.js?sv=7

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CD2E4IJC77U2F908R8V0&lib=ttq

Domain: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/961485226/?random=1731809395138&cv=11&fst=1731809395138&bg=ffffff&guid=ON&async=1&gtm=45be4be0h2z876826785za201zb76826785&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&label=aX_GCMah27ADEKqzvMoD&hn=www.googleadservices.com&frm=0&tiba=Search%20-%20Collections%20Online%20-%20Auckland%20War%20Memorial%20Museum&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=314137965.1731809395&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Domain: 14006051.fls.doubleclick.net
URL: https://14006051.fls.doubleclick.net/activityi;src=14006051;type=pagev0;cat=allpa0;ord=2233050504137;npa=1;auiddc=314137965.1731809395;ps=1;pcor=705369759;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bc0v9172987267z876826785za201zb76826785;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067554~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=14006051;type=pagev0;cat=allpa0;ord=2233050504137;npa=1;auiddc=314137965.1731809395;ps=1;pcor=705369759;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bc0v9172987267z876826785za201zb76826785;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067554~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch?

Domain: us.i.posthog.com
URL: https://us.i.posthog.com/decide/?v=3&ip=1&_=1731809395285&ver=1.186.0&compression=base64

Domain: us.i.posthog.com
URL: https://us.i.posthog.com/e/?ip=1&_=1731809395319&ver=1.186.0&compression=gzip-js

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3226212&time=1731809395323&conversionId=17741452&url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch&tm=gtmv2&e_ipv6=AQJii-H_B9dYrgAAAZM34kMfiG-d2UbMJOeqJYjIL7eeyfFnSRasCSHFm8iIgQwdEiRfV2fNH7ajmZFkd0tsz4l2t6Dj

Domain: pixel-ssn.quantserve.com
URL: https://pixel-ssn.quantserve.com/pixel;r=1285951062;labels=_fp.event.Search%2C_fp.event.Discover;rf=0;a=p-hBBM68Exb36my;url=https%3A%2F%2Fwww.aucklandmuseum.com%2Fdiscover%2Fcollections%2Fsearch;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1731809395806;tzo=-60;ogl=image.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fimages%2Faucklandmuseum%2Fam_logo_fb%252Epng%2Ctitle.Search%2Cdescription.%2Curl.https%3A%2F%2Fwww%252Eaucklandmuseum%252Ecom%2Fdiscover%2Fcollections%2Fsearch%2Csite_name.Auckland%20War%20Memorial%20Museum%2Ctype.website;ses=e90a8e74-c9c7-4a94-8000-cc48bbb4c08f;d=aucklandmuseum.com;uht=2;fpan=1;fpa=P0-418334440-1731809395808;pbc=;gdpr=0;mdl=;dip=4304ce82-0d5c-405a-8404-973db7a78390

Domain: southeastasia-1.in.applicationinsights.azure.com
URL: https://southeastasia-1.in.applicationinsights.azure.com//v2/track

Domain: southeastasia-1.in.applicationinsights.azure.com
URL: https://southeastasia-1.in.applicationinsights.azure.com//v2/track

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aucklandmuseum.com/	1970-01-21 09:49:05	Name: CMSPreferredCulture Value: en-NZ
www.aucklandmuseum.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: aybIU++eLUZLLOdHA/9G6pVNlYV4FzQjZa27XQE1
www.aucklandmuseum.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4wis4d3f03aljel52fgyqcsb
.aucklandmuseum.com/	1970-01-21 03:13:05	Name: _gcl_au Value: 1.1.314137965.1731809395
www.aucklandmuseum.com/	1970-01-21 09:49:05	Name: ai_user Value: vIvxb5DDmIiD+Rn7YDrN0m\|2024-11-17T02:09:55.066Z
.aucklandmuseum.com/	1970-01-21 10:39:29	Name: _ga Value: GA1.1.990808051.1731809395
.aucklandmuseum.com/	1970-01-21 10:39:29	Name: _ga_Q1608KR6QQ Value: GS1.1.1731809395.1.0.1731809395.60.0.0
.aucklandmuseum.com/	1970-01-21 09:49:05	Name: ph_phc_15Sk2j6vs6IKBb3t1R0adjyGNc8io7iBVtlu7gHW4e_posthog Value: %7B%22distinct_id%22%3A%22019337e2-4254-7d71-817b-67c3311531ba%22%2C%22%24sesid%22%3A%5B1731809395318%2C%22019337e2-4253-7361-ace3-438452479be5%22%2C1731809395283%5D%7D
.aucklandmuseum.com/	1970-01-21 03:13:05	Name: _fbp Value: fb.1.1731809395332.559199435253725363
www.aucklandmuseum.com/	1970-01-21 01:03:31	Name: ai_session Value: X1McH95gDe5jvAM94itiC8\|1731809395380\|1731809395380
.linkedin.com/	1970-01-21 01:04:55	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3533:u=1:x=1:i=1731809395:t=1731895795:v=2:sig=AQGkRCpYKSTAczxm90l3M_075uzzYvZB"
.linkedin.com/	1970-01-21 09:49:05	Name: bcookie Value: "v=2&763238a8-3ff5-4a3b-8139-9129f8e54211"
.linkedin.com/	1970-01-21 05:22:41	Name: li_gc Value: MTswOzE3MzE4MDkzOTU7MjswMjFb8QlrHBb8D63+QVCyLzUWOQnmyBGQnJg8fW9SrmSr3g==
.quantserve.com/	1970-01-21 10:33:43	Name: mc Value: 67395073-caf80-602a5-008e3
.aucklandmuseum.com/	1970-01-21 10:27:58	Name: __qca Value: P0-418334440-1731809395808

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.google.com; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com; script-src-elem 'unsafe-inline' 'unsafe-eval' https://.google.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com; style-src 'self' data: 'unsafe-inline' .aucklandmuseum.com ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-elem 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; style-src-attr 'self' data: 'unsafe-inline' ajrctguoxo.cloudimg.io .google.com .googleapis.com .jotform.co .jotfor.ms .twitter.com .twimg.com .riddle.com; img-src * 'self' data: .aucklandmuseum.com ajrctguoxo.cloudimg.io https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com; font-src 'self' data: .gstatic.com .jotform.co .hotjar.com; connect-src * 'self' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://.googleapis.com https://.google.com https://.gstatic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com https://.lr-in-prod.com https://.lr-ingest.com; media-src * 'self'; child-src 'self' blob:; frame-src * 'self' https://.google.com; worker-src https://.google.com blob:; frame-ancestors 'self' https://.google.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14006051.fls.doubleclick.net
ad.doubleclick.net
ajax.aspnetcdn.com
ajrctguoxo.cloudimg.io
analytics.tiktok.com
code.jquery.com
connect.facebook.net
js.monitor.azure.com
muse.aucklandmuseum.com
pixel-ssn.quantserve.com
pixel.byspotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
snap.licdn.com
southeastasia-1.in.applicationinsights.azure.com
static.hotjar.com
stats.g.doubleclick.net
us-assets.i.posthog.com
us.i.posthog.com
www.aucklandmuseum.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
14006051.fls.doubleclick.net
ad.doubleclick.net
ajax.aspnetcdn.com
analytics.tiktok.com
pixel-ssn.quantserve.com
pixel.byspotify.com
px4.ads.linkedin.com
southeastasia-1.in.applicationinsights.azure.com
static.hotjar.com
us.i.posthog.com
www.googleadservices.com
2001:4860:4802:34::36
2600:9000:211e:6a00:6:44e3:f8c0:93a1
2606:4700:10::6816:3ab5
2606:4700:20::ac43:448c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:81d::2003
2a00:1450:400c:c06::9c
2a02:26f0:3500:10::210:a9a
2a02:26f0:3500:3::b818:4d2f
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
007763b87fc3c1e59ecbb6eaf5d54a801f8a74869dc035dbb5794475eae5dd82
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c0f1d1bb22fb5007a47afac5a7360ea9f922940a0e4db2739eda5c3598197d5
19b388e733f0af2b17dd1bd41d2c776079e40aaf5efad3a2c0b62efd78d4a1e7
19c48a194bc9895cd80e49c54dd83e321999061a4497565da97852921f621d2f
1c20c0133bb5f841413a99fdb08e7390e6200243ec1b27d098f30aef3a4a3dae
2b4eaf7c5c3c62a91b28bd5d4aa8475a44a18ffd185dec3698579dbb95579a5e
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525
2f42bd54149cbd50a46b415f833bdd0ba690b829feb531b5d00db99685508d5e
36bcd89cf32426d8e3961a73376cc2e999ea28e344596bece26c1b202b20ff80
3a9d075bad8740a13aef1cedc4a9e91e5422bd172120b89ba2649c8dd63f31ac
40f75e5016869b213eeef1ab4af4086f24a5a74de067e0e365a6d4eb73165cc3
41b156770ac5e9b69e41b6e2f23f9ad6e4399daa59e48dea29cbbb5338a7ae00
432b7e667063ce9fa3b07c878c13bd75b558a2ce3c5a7da601b7789b0d3978aa
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
43ceb17a2d31001066e003a09ac802dcfaa176e9d0406add8d2576f31bbf24a0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a0a4733a6c67fa0fdbc501af9ed1342649e41f6182a3eef26886be807cf732
4acf565b75f5edc8987503d6714415019db979f7090966c4ebdb5be1ae68bfa4
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
5a4705d5a8043cce198449136e7c88355c9c3075ef4260172cddee410fa1f575
5b608be012b96fc0c17371624bc3c86185350749086e18894a4c61f3b38429c4
5ce6ae3715497bf2a26cc1fe4767936196c604a36906b1f96d484c1a3fa4005c
6e6da0ef0d5cb4c7b0a9e7ba7bb244bb4ba806f5ed07f5477fb1ce34a4c0bbbc
7f856a76ea6ebe60d818ae4a697420b8b1a5704dbac3d714260dd844017fdd60
82845e0d281e04a8cc40462e692d5e9b64a6d682a5eb88034db6d375a7144d36
882a793ae4dd5578a64f567e78f6b5738b1aa8a9c1aadbe3e9a3b651654fd305
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
940e03220d5dd2850dd026dcc8a4a9100bd22dae2f158c35095caa16bab28144
948a03385916b9434ce202dcd47ed32c5477be0c7c0a46335ebc2f1d0fde085f
97f7ed549a176ec35a88dbdfa01b9fa8df5380f8f096a99e1fc186ddd2b65cfa
9e6e74e0a9257959f9c5527791ccba78cda7ad06977b0612bbb52697f20fbfdc
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
a15b57f22aa6f23769ffa74d9788bbdcfcd5c8606bc3e9c91b0c64985afd7b0c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afecf1092b63d89d4e1cd9acd0ff2176889b00b7d1f23539f6352cba0354bc1e
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
c3dc20692b3a194b198aea7caaf241ec9bc00041263117de7542be4c1210e7ee
d3229f01f6118560f6cff7b5be1e20b8dd425fe191dd57fa883640ca97d3e5ff
d512b06ff52a3f7939d980239249dfdcab98d40fae2ec0068798a3701aac1b4e
da56c4e2c68bb87a25f3f996a8ed75408cb47d087796d08eb5a8d2187743a482
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b38fb762963adbe977f0fb3108492307547862dca4b41b5149c4c9ddfc8b5
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f8495a01b1aeccf3721b9dbd620535e3004cc3e7715dbc02f62d3d8c888a78b3

www.aucklandmuseum.com Open in urlscan Pro 2606:4700:20::ac43:448c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

79 %HTTPS

100 %IPv6

20 Domains

28 Subdomains

17 IPs

3 Countries

1300 kBTransfer

3580 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aucklandmuseum.com Open in urlscan Pro
2606:4700:20::ac43:448c Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

79 %
HTTPS

100 %
IPv6

20
Domains

28
Subdomains

17
IPs

3
Countries

1300 kB
Transfer

3580 kB
Size

15
Cookies

70 HTTP transactions
0 data transactions